UW Digital ID (Mac) - Configuring Mail.app to use a UW Digital Certificate

UW Digital ID certificates can be used with Apple Mail to send secure, digitally encrypted email. If you have not installed your digital certificate, please see UW Digital ID (Mac) - Downloading your Digital Certificate

Using UW Digital ID with Apple Mail

No configuration is necessary. Once your certificate is imported into your Keychain, Mail is ready to begin using it. You will notice two new buttons on the right-hand side of the message window when you compose or reply to a message.

encrypted and signed buttons

Here they are in the message window:

new message window

The sunburst icon represents whether the message is signed, and the padlock icon indicates whether the message is encrypted. By default, your messages are neither signed nor encrypted.

To digitally sign a message, begin addressing the message as you normally would. Click the sunburst icon with the "x". The "x" will change to a checkmark, signifying the message is now signed with your digital identity.

signed message window

The padlock icon will remain grayed out until you receive a message from someone else that has been digitally signed with their certificate. Once an exchange of signed messages has taken place, the padlock will become available, and you may start signing and encrypting your messages. This ensures the security of your messages, and allows the recipient to have a greater degree of trust that the message originated from you.

signed and encrypted message window

When you receive messages from others, you will notice that they will now contain additional information in the header about whether the message is signed, encrypted, or both, as appropriate.

security header of encrypted and signed message

Note: Apple Mail might not display this security header if the message was encrypted. This is a known issue with Apple Mail, but we do not know of a fix or workaround.

Security Controls:

Encryption Unavailable

Encryption Unavailable / Signed Message. The message cannot be encrypted since the certificate for one or more recipients is not known or does not exist.


Signed, Not Encrypted

Signed Only.


Encrypted, Not Signed

Encrypted Only.


Signed and Encrypted

Signed and Encrypted.


Both available

No security set. Click on the lock icon to encrypt and / or the seal icon to sign the message.

See Also:




Keywords:macos os x osx macintosh digital certificate pki Public Key Infrastructure mail.app mail signed encrypted signing encrypting configuring configure signature encryption smime UW Digital ID   Doc ID:4093
Owner:Steven T.Group:Digital ID
Created:2005-10-25 19:00 CDTUpdated:2016-09-06 13:26 CDT
Sites:Access Management Services, Digital ID, DoIT Help Desk, DoIT Tech Store
Feedback:  17   5