5.10. Signing and encrypting messages

Since Zarafa 6.10 it is possible to use S/Mime certificates. Certificates enables the use of digitally signing emails and/or encrypting emails.

The description in this manual is the manual procedure. An automatic way to receive a certificate is to use Active Directory Services (ADS). The automatic method is not described in the client manual, but will be described in the server manual.

5.10.1. Retrieving a certificate

In order to get a certificate a registration at a Certificate Authority (CA) is needed. Multiple possibilities are available; one is to have the Active Directory (AD) act as a CA, the other is to subscribe to an independent CA, like CaCert (http://www.cacert.org/).

5.10.1.1. Certificates via AD

The company’s AD is configured to act as a CA:

Open Internet Explorer
Go to the following URL: http://<domainserver>/servcrt. If the URL is different, ask the systems administrator for the correct URL.
Click on Request a certificate and on the next page on User Certificate to generate a certificate.
The certificate will be placed into Outlook automatically.

5.10.1.2. Certificates via an independent CA

Go to the site of the CA.
Register the email address and create a certificate.
Use Firefox to retrieve the certificate.
In Firefox, go to Tools > Options > Tab Advanced > tab Encryption > button View Certificates.
5.14. ábra - Certificate Manager
Select the correct Certificate and Click Backup.
Enter a password.
Save the certificate as a PKCS12 file.
Open Outlook.
Go to Tools (if Outlook 2003: Options) > Security Tab > Click Import/Export… > Click Browse…
Select the correct .P12 file.
Enter the previous password.
Enter in the field Digital ID Name: the email address for which the certificate is meant.
Click button OK twice.

5.10.2. Check encrypted email settings

Go to Tools > Options > Security tab > click Settings….
Check if the field Security settings Name: contains the S/MIME settings for the email address.