Sign & Encrypt E-Mail - Outlook 2013

 

Introduction


This article will walk you through Signing & Encrypting e-mail in Outlook 2013

Note: Provided you have a client digital certificate, you can digitally sign an e-mail to any recipient. Digitally signing a message with the settings specified in prerequisite #3 will also send the recipient your public key. The recipient can then use your public key to send you an encrypted message. This message can only be decrypted with your private key which should never leave your system. In order to send an encrypted message to someone else, you will first need a signed e-mail from them; in turn you can use their public key to send them an encrypted message that only they can read.


Prerequisites


Before you are able to sign and/or encrypt e-mails in Outlook, you must first:

  1. Download a PersonalSign certificate
  2. Import your PersonalSign certificate to the Windows Certificate Store
  3. Configure your certificate in Outlook 2013.


Signing

  1. Compose a new E-Mail
  2. Switch to the Options tab and click Sign E-Mail
  3. Press send, the message will be digitally signed. 


Saving a Contact's Public Key

  1. Before you can send an encrypted message, you must first save the public key of the recipient. Request that they send you a signed e-mail. A red ribbon will appear on an e-mail to indicate it is signed:

    Sign and Encrypt EMail Outlook 2013 01.png
  2. Right click on the sender's name and click Add to Outlook Contacts 
    (Do this even if they are already a contact)

    Sign and Encrypt EMail Outlook 2013 02.png
  3. Enter the details of the new contact, click Save. If they are an existing contact, choose Yes to update the contact details.


Sign and Encrypt EMail Outlook 2013 03.png

Note: When you add or update a contact directly from a signed e-mail, Outlook will pull in the sender's public key and associate it with the contact details. Now when you try and send an encrypted e-mail, it will know what certificate to use for the recipient. 

Encrypting Messages

Now that you have the public key of the intended recipient saved, you can compose an e-mail and use the Encrypt feature. 

  1. Compose an e-mail in Outlook.
  2. On the Options tab, click Encrypt and Sign.

    Sign and Encrypt EMail Outlook 2013 04.png
  3. Press Send. The message will be both signed and encrypted. A lock icon will appear on messages that are encrypted. 
    Sign and Encrypt EMail Outlook 2013 05.png

    Additional Information

    When you reissue or renew your GlobalSign certificate, you will get a unique keypair each time. This means that the new certificate will not be able to decrypt past e-mails that were encrypted with your old certificate. For this reason, make sure you keep your old certificates installed on your computer. Even if they are expired, they still have the functionality to decrypt your old e-mails. 

Related Articles

GlobalSign System Alerts

View recent system alerts.

View Alerts

Certificate Inventory Tool

Scan your endpoints to locate all of your Certificates.

Log In / Sign Up

SSL Configuration Test

Check your certificate installation for SSL issues and vulnerabilities.