S/MIME Certificates

On the Encryption > S/MIME Certificates tab, you can import external S/MIME certificates. Emails for recipients whose certificates are listed here will automatically be encrypted. If you want to disable encryption for a particular recipient, simply delete its certificate from the list.

Note – If for a recipient an OpenPGP public key is imported additionally to an S/MIME certificate, emails will be encrypted using OpenPGP.

Note – When you upload an S/MIME certificate manually, messages from the email address associated with the certificate are always trusted, although no CA certificate is available that may identify the person noted in the certificate. That is to say, manually uploading an S/MIME certificate labels the source as trusted.

To import an external S/MIME certificate, proceed as follows:

  1. On the S/MIME Certificates tab, click New External S/MIME Certificate.

    The Add S/MIME Certificate dialog box opens.

  2. Make the following settings:

    Format: Select the format of the certificate. You can choose between the following formats:

    • der (binary)
    • pem (ASCII)

    Note – Microsoft Windows operating systems use the cer file extension for both der and pem formats. You must therefore determine in advance whether the certificate you are about to upload is in binary or ASCII format. Then select the format from the drop-down list accordingly.

    Certificate: Click the Folder icon to open the Upload File dialog window. Select the file and click Start Upload.

    Comment (optional): Add a description or other information.

  3. Click Save.

    The new S/MIME certificate appears on the S/MIME Certificates list.