En­crypt email any­where

Learn how to use a self-signed cer­tifi­cate to en­crypt mes­sages be­yond Mail

Mac Format - - APPLE SKILLS - Nick Peers

it will ta ke

25 min­utes

you will lear n

How to ex­port cer­tifi­cates for use in a third-party email client or on iOS.

Yo u’ll need

An S/MIME ca­pa­ble email app, or a de­vice with iOS 5 or higher. You’re able to ex­port your self-signed cer­tifi­cate for use in other apps and on other de­vices

Last is­sue we showed you how to dig­i­tally sign and en­crypt mes­sages in Mail by cre­at­ing your own self-signed cer­tifi­cate in Key­chain As­sis­tant.

How­ever, what if you man­age your email in a dif­fer­ent app, or want to en­crypt emails on your iPhone or iPad too?

The good news is that you can use your cer­tifi­cate in other apps and on other de­vices by ex­port­ing it to a pass­word-pro­tected file. This file is then ei­ther im­ported into an email app on your Mac or trans­ferred to your iOS de­vice for use in its ver­sion of Mail.

First, if you haven’t al­ready, fol­low last is­sue’s tu­to­rial to cre­ate your self-signed cer­tifi­cate us­ing Key­chain As­sis­tant. Next, open Key­chain Ac­cess from /Ap­pli­ca­tions/ Util­i­ties (or by search­ing for it in Spot­light). Se­lect My Cer­tifi­cates in its left-hand pane, then lo­cate your cer­tifi­cate – to ver­ify you’ve cho­sen the cor­rect one, dou­ble-click it and check its Us­age reads ‘Dig­i­tal Sig­na­ture, Key En­ci­pher­ment’ and its ‘Pur­pose #1’ en­try in the Ex­ten­sion sec­tion says ‘Email Pro­tec­tion’.

Once iden­ti­fied, right-click the cer­tifi­cate and choose Ex­port <Cer­tifi­cate Name>. Leave the de­fault file type as ‘Per­sonal In­for­ma­tion Ex­change (.p12)’ so you end up with a suit­able file­name, then choose where to store your ex­ported p12 file. Click Save, then en­ter a strong pass­word to pro­tect the file and click OK. Ver­ify your re­quest with your user ac­count’s pass­word and click Al­low.

Us­ing the cer­tifi­cate else­where

If you want to use your cer­tifi­cate in an­other email app, ver­ify that app sup­ports S/MIME email en­cryp­tion, then check its help sys­tem or web­site for instructions on im­port­ing your cer­tifi­cate into the cor­rect ac­count. Tak­ing Thun­der­bird as an ex­am­ple, go to Tools > Ac­count Set­tings, se­lect the rel­e­vant ac­count, and se­lect Se­cu­rity in the left-hand pane. Click View Cer­tifi­cates, click the Your Cer­tifi­cates tab, and then click Im­port. Se­lect the p12 file you ex­ported, click Open, then en­ter the pass­word you set ear­lier and click OK again.

Once the cer­tifi­cate has been im­ported, click OK to re­turn to the Ac­count Set­tings pane and click the Se­lect but­ton un­der Dig­i­tal Sign­ing. Fol­low the prompts and choose Yes when prompted to use the im­ported cer­tifi­cate to both en­crypt and de­crypt mes­sages. You should see the cer­tifi­cate is se­lected for both dig­i­tal sign­ing and en­cryp­tion – leave the other op­tions as they are and click OK.

Now when com­pos­ing mes­sages, click the Se­cu­rity but­ton at the top to choose to sign and/or en­crypt each in­di­vid­ual mes­sage when you send it – you can only en­crypt mes­sages to peo­ple who’ve shared their own S/MIME cer­tifi­cates with you through Thun­der­bird.

The process is sim­i­lar with Post­box (search sup­port.post­box-inc.com for ‘SMIME’ to find a set-up guide). Other apps, such as Air­mail, re­quire a plug-in to work – AMPlug S/MIME Beta (bit.ly/amsmime) in Air­mail’s case. On the other hand, Out­look has direct ac­cess to your key­chain, so no ex­port is re­quired. In­stead, sim­ply se­lect your tar­get ac­count in Tools > Ac­counts, go to Ad­vanced > Se­cu­rity and click the Cer­tifi­cate pop-up menu un­der Dig­i­tal Sign­ing to con­nect it to yours.

When ex­port­ing your cer­tifi­cate, pro­tect it with a strong pass­word so you can safely trans­fer it to iOS by email.

Stick with the de­fault Per­sonal In­for­ma­tion Ex­change (p12) file for­mat as Mail for iOS and many other apps can read it.

Newspapers in English

Newspapers from Australia

© PressReader. All rights reserved.