Sign outgoing mails with Outlook 2003
Cause
Your CERN Certificate can be used to sign your outgoing mails, to prove your identity
and to prove to recipients that the message was not modified by a third person.
The CERN Certificate can also be used to encrypt the mails you send,
so that only the selected recipient can decrypt and read it.
As the CERN Certificate is not worldwide trusted, non CERN users (non CERN Domain machines)
will need to trust (once only per machine) the CERN Root Certificate to verify correctly your signature.
Outlook Setup
- On a non CERN Domain machine, you will first need to trust the CERN Root Certificate. Follow the steps detailed here.
- Run Outlook
- Select menu Tools -> Options
- Select Tab Security
- Check Add digital signatures to outgoing messages
- Click on Settings button
- Type in a settings name
- Select S/MIME in Cryptography format
- Check Default security setting on the 2 boxes.
- In Certificates and Algorithms part, click Choose button for Signing Certificate and Encryption Certificate
- Each time select your CERN Trusted Certification Authority certificate (issued to your login)
- Click Ok to save your Security Settings
- If you want other CERN members to send you encrypted emails, publish your certificate public key into the Global Address Book by clicking on Publish to GAL
- Click Ok
Now when composing new mails, you'll notice 2 icons in the toolbar, one for signing mails (which should be enabled by default), and a second for encrypting mails.
|
Note:
|
To encrypt an outgoing mail, the recipient must have puslished his certificate public key to the Global Address book (button publish to GAL).
If not, you must add this recipient to your contacts with his certificate public key: on a received signed mail from this recipient, right click on sender -> Add to Outlook Contacts.
|
Warning: To decrypt a mail, you must have the keys used to encrypt it, so beware when archiving mails.