UW Digital ID (Win) - Configuring Outlook 2010 to use a UW Digital Certificate

PKI can be used with Outlook 2010 to send secure, digitally encrypted email. This document outlines the necessary steps to configure a UW Digital Certificate for Microsoft Outlook 2010 for Windows.

  • Floppy Disk or CD: UW Digital ID - Importing a Digital Certificate from Disk or CD
  • Windows Download: UW Digital ID (Win) - Downloading your Digital Certificate
  • Unable to decrypt messages sent from MS Outlook 2010: UW Digital ID - Unable to decrypt messages sent from Micorsoft Outlook 2010
  • Make sure you have your UW Digital Certificate downloaded and installed correctly before proceeding:

    After downloading and installing your certificate, it will be available for use in Outlook 2010. To use your certificate in Outlook 2010, do the following:
    1. Choose "File" tab in the Outlook menu bar
    2. Choose "Options"
    3. FileOptions.gif
    4. Choose "Trust Center"
    5. Choose the "Trust Center Settings..." button

    6. TrustCenter.gif
    7. Choose "E-mail Security"
    8. Click the "Settings..." button
    9. EmailSecurity.gif

      To define your security settings and to specify which certificate you wish to use you need to define your default security settings. To do so you need to click the "Settings..." button. You will then see the following screen:


      You can create different security settings and give these separate names. You can define the following settings:

      Secure Message Format (type of e-mail)
      Digital Signature Settings
      Encryption Settings
      Security Setting Preferences (setting defaults)

      The first step is to give your setting a name, this you can choose yourself:


      The "Digital Signature" settings allow you too choose the certificate you wish to use for signing your emails. If you click the "Choose..." button you will be presented by an overview of your personal certificates:


      You can view each certificate by first selecting a certificate and then clicking on the ‘Click here to view certificate properties’ link. You will now have a screen which gives an overview of the certificate:


      When you find the certificate you want to use select it and click "OK":

      The certificate will now be added to both the "Signing Certificate" and "Encryption Certificate" box for this security setting.


    10. Click "OK" to save this Security Setting.

    Digitally signing your e-mail messages with Microsoft Outlook 2010

    1. The first step to securing your e-mail messages is to sign them using your digital certificate.
    2. Open a new email window. In the Options ribbon in the Permission section you will see two Mail Security icons, the red signing icon and selecting this will sign your email with the chosen certificate, the second is the blue encrypting icon and selecting it will encrypt your email (note: you will need the public key of your recipient before you can encrypt your email).
    3. NewEmail.gif

    4. Your digital signature enables the recipient of your message to verify that you actually sent the message and that it was not altered along the route. Digitally signing your email will also give the recipient a copy of your public key, this will allow the recipient to send you encrypted emails in the future.
    5. When you digitally sign your message, it does not mean that no one can intercept or read your message. Digitally signing a message does not affect the contents of the message in any way or protect the message from being intercepted and read by someone other than the intended recipient.
    6. To ensure that only the recipient can read a message, you must also encrypt the message.
    7. If the recipient of your digitally signed message does not use an S/MIME–enabled e-mail client, they can still read your message. However, your digital signature appears as an "smime.p7s" attachment and you will be unable to encrypt or decrypt messages with this person.

    8. If the recipient of your digitally signed message does use an S/MIME–enabled e-mail client, the message will appear with an icon indicating that the message was digitally signed in for example in Outlook it appears with a ribbon. 
    9. The signed icon shows that the received message was signed:

    10. The untrusted signature icon shows that the received message was signed by a certificate which was issued by a CA which you do not trust yet (because you have not installed its root certificate or it has been revoked).

    11. This icon looks like:

    12. You can setup Outlook to always digitally sign your messages each time you send and you can configure your security settings (as described previously) to sign using a specific certificate.

    See Also:

    Keywords:Outlook 2010, Outlook, UW Digital ID, install, installing, configure, configuration, Digital Certificate, PKI, "outlook digital signature"   Doc ID:16550
    Owner:Steven T.Group:Digital ID
    Created:2011-01-13 19:00 CDTUpdated:2014-06-13 08:31 CDT
    Sites:Access Management Services, Digital ID, DoIT Help Desk, DoIT Tech Store
    Feedback:  16   5