Creating a Personal Secure Certificate for Encrypted Email

Discussion in 'macOS' started by ingenious, Sep 10, 2009.

  1. ingenious macrumors 68000

    ingenious

    Joined:
    Jan 13, 2004
    Location:
    Washington, D.C.
    #1
    How do I create a personal secure certificate to encrypt my email?
     
  2. Tex-Twil macrumors 68020

    Tex-Twil

    Joined:
    May 28, 2008
    Location:
    Europe
    #2
    Hi,
    if you want to encrypt an email you send to someone else, you need his certificate.

    If you want that people encrypt email they send to you, in this case they need your certificate.

    A certificate is issued by a Certification Authority. You can also generate a self signed certificate but in this case it will not be trusted by other people, hence useless unless you need it for testing ;)

    Tex
     
  3. electroshock macrumors 6502a

    electroshock

    Joined:
    Sep 7, 2009
    #3
    Depends on type of encryption. If you want S/MIME (which is more common) to encrypt your outgoing emails, then Verisign sells them for $19.95/year:

    http://www.verisign.com/authentication/individual-authentication/digital-id/

    Works well with just about all major mail clients I've used on Macs/Windows/Linux for the past 10+ years. There are other certificate authorities that sells similar products but I'm only personally familiar with Verisign's offerings.

    If you want PGP certificates, you'll probably need to install a plug-in for it and generate a new key and then register it at a public keyserver (or give out to people you'd send encrypted emails to). Much less common.

    If you want to encrypt your stored email messages for your own viewing rather than when emailing a message to someone else, then you might want to either use FileVault or get a commercial PGP software that does file/folder/volume encryption.
     
  4. Tex-Twil macrumors 68020

    Tex-Twil

    Joined:
    May 28, 2008
    Location:
    Europe
    #5
    Where is the option in Mail to s/mime sign/encrypt an email ? I've never found that :(

    I do have my key pair and other people's certificates in the key chain but I just can't see the option.

    Tex
     
  5. alphaod macrumors Core

    alphaod

    Joined:
    Feb 9, 2008
    Location:
    NYC
    #6
    I would use PGP; I know it's kind of dying these days (or it never caught on), but it gives you a private and public key, and it's free.

    Of course at the moment, it does not work in Snow Leopard.
     
  6. Nugget macrumors 65816

    Nugget

    Joined:
    Nov 24, 2002
    Location:
    Houston Texas USA
    #7
    You can confirm whether or not OS X recognizes your key and other people's certs by looking at the email addresses in Address Book:

    [​IMG]

    The little checked seals indicate the presence of a matching certificate in your keychain.

    Then, if that's all solid, in email you should see two new icons when sending an email from an address which has a valid certificate:

    [​IMG]

    See the two new buttons next to the signature selector? If you have a valid certificate for yourself the right side button will be enabled and allows you to choose to sign your email or not.

    If your recipient has a valid certificate, the left side button will be enabled and allows you to choose to encrypt the email or not.
     
  7. electroshock macrumors 6502a

    electroshock

    Joined:
    Sep 7, 2009
    #8
  8. ingenious thread starter macrumors 68000

    ingenious

    Joined:
    Jan 13, 2004
    Location:
    Washington, D.C.
    #9
    Thanks for the tips. I'll give this a shot this weekend.
     

Share This Page