The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

How to get S/MIME certificate for Outlook and install it?

Download Windows Speedup Tool to fix errors and make PC run faster

Almost every PC user makes use of Microsoft Outlook. Outlook is incredibly popular partly because it comes in the Microsoft Office package. Outlook is one of the best email clients. Outlook has made it possible to exchange emails securely. Although this is the case, many users do not know how to do this. Outlook supports S/MIME certificates, which help send secure email messages. I have written this detailed guide to show you how to get S/MIME certificates on Outlook and send emails securely.

How to add S/MIME certificate for Outlook

How to get a S/MIME certificate for Outlook and install it?

Getting a S/MIME certificate for Outlook is straightforward, but you have to be careful when following the steps. If you get something wrong, you may have to start over. We will perform this operation in the following three elaborate steps:

  1. Install the PKCS12# file.
  2. Install the S/MIME SSL certificate.
  3. Configure Outlook email security.

Continue reading for the full guide.

1] Install the PKCS12# file

Before you can proceed with installing a S/MIME SSL certificate on Outlook, you need a PKCS12# file.

To get this file, click the link you find in your Certificate Activation Link email to go to your SSL vendor’s account. Your vendor should provide steps for installing the PKCS12# file.

Next, create a password and download the PKCS12# file. You must never lose this file because it contains the private key that you use to read Outlook messages that are encrypted using the public key.

NOTE: Make sure you download the RSA algorithm when downloading your certificate. Don’t select the RSA algorithm because it doesn’t encrypt emails.

2] Install the S/MIME SSL certificate

Following a successful download of the PKCS12# file, launch Microsoft Outlook to begin the certificate installation.

In the Outlook window, navigate to FileOptions and then click on Trust Center in the Outlook Options window.

microsoft-outlook-trust-center

Next, go to Trust Center Settings under Microsoft Outlook Trust Center and go to the Email Security tab on the left menu.

In the Digital IDs (Certificates) section, hit the Import/Export… button.

The next step is to find the file you downloaded in the first step. Select the Import existing Digital ID from a file option and hit Browse.

Navigate to the download location of the PKCS12# file you downloaded and open the file. You will be prompted for a password here, so enter the password you chose in the previous step and hit the OK button.

When prompted that An application is creating a protected item, hit the OK button.

3] Configure Outlook email security

Next, go to the Email Security tab on the left menu and click on the Settings button under Encrypted email. Here, enter a name you can remember into the Security Settings Name field.

In the Certificates and Algorithms option, click on the Choose button. The system will now display all your installed certificates. If you have downloaded only one certificate, click OK when the system shows you this certificate to confirm it. If you have downloaded multiple certificates, choose the certificate you downloaded and hit OK.

Next, you have to change the Hash Algorithm to SHA256 and then click on the Choose button beside Encryption Certificate, select the certificate, and click the OK button.

Finally, you can now set your default configuration for encrypted emails. Select your preferred options by marking the checkboxes beside each, and exit the Trust Center window.

select outlook encrypted emails settings

With these steps, you have now installed your S/MIME certificate on Outlook.

How do I create a secure message in Microsoft Outlook?

Now that you have installed your S/MIME certificate in Outlook, you can now send encrypted emails from your system. But how do you do this? Read this brief walkthrough below.

Before sending an email, go to the Options menu and toggle ON Encryption. You may also enable digital signature settings.

After sending the encrypted email, you will see a prompt asking if you wish to allow Outlook to make use of your private key. Click on Allow to make this possible.

allow outlook to send secure email

How do I know that the certificate is installed correctly?

The best way to confirm that you have installed the S/MIME certificate in Outlook is to send an encrypted email out. On sending this email, you will see a red certificate badge beside the email. Click on the red certificate badge, and you will see all the details about the S/MIME certificate.

What do I do if I don’t have my public key?

Your public key allows you to send encrypted emails. So without your public key, you will get an error. To get your public key, the receiver has to send you a signed email.

When you open this encrypted email, click on the red ribbon icon on the right-hand side of the email header to confirm the certificate’s signature and details. Finally, add the sender to your Outlook Contacts.

How do you add an Outlook Contact to send encrypted emails?

To add the sender of an email to your Outlook Contacts, right-click on their name, select the Add to Outlook Contacts option from the dropdown menu, and click the Save & Close option on the menu.

KeshiIle@TWC

Keshi Ile is a seasoned technology expert who holds a Bachelors's degree in Electronics Engineering and a Master's in Digital Marketing. He runs several internet companies and contributes to technology blogs.