A Quick Guide To Using A PKI Certificate In Outlook 2010
If you are an IT professional or if you are a small business owner trying to handle the IT chores on your own, working with PKI certificates for email can seem like a challenge. This is also true if you are a private individual using Outlook 2010 and trying to install or import a PKI certificate to allow you to encrypt and digitally sign your personal email.
To help you to assign the PKI certificate in Outlook 2010, there are a few simple steps to complete. If you are applying for the certificate from our website or through your company, the installation should occur automatically provided you are using the same email and the same program you used during the application.
To import the PKI certificate in Outlook 2010, you will need to first complete an export of the cert from the existing email client or browser. This is done differently depending on the browser or email client where it is installed.
At Comodo in our knowledgebase section, you can search by browser, email client or even device type for S/MIME (Secure Multipurpose Mail Extensions) certs. These step-by-step instructions will guide you through the export process. Be sure to follow all steps to have all the information you need to complete the install and assignment of the certificate to your Outlook 2010.
One of the biggest mistakes people make is to fail to check the box that asks if you want to export the private key when you export the cert. It is essential to check this box or you will need to do this in a separate step.
This is no different from using an SSL/TLS product for a domain and using it on different servers. You will first install the SSL (Secure Sockets Layer) cert on the original server used to generate the Certificate Signing Request. Then, once that is completed, you can export the certificate and the private key to other servers to which the website is pointed.
With an automatic install of the PKI certificate in Outlook 2010 or after completing the import steps as outlined on the Comodo knowledgebase, it will still be essential to configure the email. This is because the email account needs you to specify instructions as to how to use the PKI cert. This can include making use of the processes automatic or manually, including encryption and digital signatures in the emails you send.
To get started, start by opening the Outlook account. There should be a tab labeled File in the left-hand corner at the top of the screen. Look for Outlook Options and then find the Trust Center button at the bottom of the column.
From here, and once in the Trust Center box, look for the settings button and then the E-mail Security button or name. From this, there will be a Default Setting box and click on the Settings button. This will then lead you to another new window that provides you with the option to Change Security Settings.
Choose both Signing and Encryption one a time with Signing first. By clicking on these one a time, you will see a new pop-up window that allows you to find the Comodo PKI certificate in Outlook 2010 that you have just installed. Highlight this and click OK for each of the two options.
This will then allow you to have the option to digitally sign or encrypt email sent from your Outlook email account. You can choose to do one or both by simply manually clicking on the respective buttons in the header of your email.
You can also set this up to occur automatically. This will require going back into the settings and simply checking the respective boxes. If you don't send all emails digitally signed and encrypted it is a wise decision to simply do it manually when need.
Keep in mind, in order to encrypt a message to a recipient your Outlook requires a copy of their certificate and public key. This allows their email client to decrypt the message using the private key that matches the public key stored in your Outlook storage. This needs to be sent from the same email where you are sending the encrypted messages and vice versa.
Likewise, the private key for your PKI certificate in Outlook 2010 will be used to digitally sign a document and their copy of your public key will be used for decrypting and comparing to ensure the email is authentic and has not been compromised.
For more information on using PKI certs in Outlook, or to discuss your needs for Public Key Infrastructure Personal Authentication Certificates, give us a call at +1 888 266 6361 or chat through the website at https://www.instantssl.com.