UW Digital ID (Win) - Configuring Outlook 2016 for Windows to use a UW Digital Certificate

PKI can be used with Outlook 2016 to send secure, digitally encrypted email. This document outlines the necessary steps to configure a UW Digital Certificate for Microsoft Outlook 2016 for Windows.

Before you can use your UW Digital Certificate, you must first have it downloaded and installed on your computer:
After downloading and installing your certificate, it will be available for use in Outlook 2016. To use your certificate in Outlook 2016, do the following:
  1. Choose "File" tab in the Outlook menu bar
  2. Choose "Options"

  3.  Select Options
  4. Choose "Trust Center"
  5. Choose the "Trust Center Settings..." button

    Trust Center

  6. Choose "E-mail Security"
  7. Click the "Settings..." button
  8. Email Security, select settings

    To define your security settings and to specify which certificate you wish to use you need to define your default security settings. To do so you need to click the "Settings..." button. You will then see the following screen, (if you do not have your Digital ID set up follow the document at the top of the page):

    Security Settings

    You can create different security settings and give these separate names. You can define the following settings:

    Secure Message Format (type of e-mail)
    Digital Signature Settings
    Encryption Settings
    Security Setting Preferences (setting defaults)

    The first step is to give your setting a name, this you can choose yourself:

    Edit Security Settings

    The "Digital Signature" settings allow you too choose the certificate you wish to use for signing your emails. If you click the "Choose..." button you will be presented by an overview of your personal certificates:


    You can view each certificate by first selecting a certificate and then clicking on the ‘Click here to view certificate properties’ link. You will now have a screen which gives an overview of the certificate:


    When you find the certificate you want to use select it and click "OK":

    The certificate will now be added to both the "Signing Certificate" and "Encryption Certificate" box for this security setting.


  9. Click "OK" to save this Security Setting.

Digitally signing your e-mail messages with Microsoft Outlook 2016

  1. The first step to securing your e-mail messages is to sign them using your digital certificate.
  2. Open a new email window. In the Options ribbon in the Permission section you will see two Mail Security icons, the red signing icon and selecting this will sign your email with the chosen certificate, the second is the blue encrypting icon and selecting it will encrypt your email (note: you will need the public key of your recipient before you can encrypt your email).
  3. NewEmail.gif

  4. Your digital signature enables the recipient of your message to verify that you actually sent the message and that it was not altered along the route. Digitally signing your email will also give the recipient a copy of your public key, this will allow the recipient to send you encrypted emails in the future.
  5. When you digitally sign your message, it does not mean that no one can intercept or read your message. Digitally signing a message does not affect the contents of the message in any way or protect the message from being intercepted and read by someone other than the intended recipient.
  6. To ensure that only the recipient can read a message, you must also encrypt the message.
  7. If the recipient of your digitally signed message does not use an S/MIME–enabled e-mail client, they can still read your message. However, your digital signature appears as an "smime.p7s" attachment and you will be unable to encrypt or decrypt messages with this person.

  8. If the recipient of your digitally signed message does use an S/MIME–enabled e-mail client, the message will appear with an icon indicating that the message was digitally signed in for example in Outlook it appears with a ribbon. 
  9. The signed icon shows that the received message was signed:

  10. The untrusted signature icon shows that the received message was signed by a certificate which was issued by a CA which you do not trust yet (because you have not installed its root certificate or it has been revoked).

  11. This icon looks like:

  12. You can setup Outlook to always digitally sign your messages each time you send and you can configure your security settings (as described previously) to sign using a specific certificate.

See Also:

Keywords:Outlook 2016, Outlook, UW Digital ID, install, installing, configure, configuration, Digital Certificate, PKI, "outlook digital signature" pki   Doc ID:52004
Owner:Steven T.Group:Digital ID
Created:2015-06-05 13:35 CDTUpdated:2015-11-17 12:16 CDT
Sites:DoIT Help Desk, DoIT Tech Store, Office 365
Feedback:  0   0