Auto-Contact

When the Turn off automatic sender's certificates addition to Outlook contacts setting is not configured or disabled, ActivClient enables saving a contact certificate to a Microsoft Outlook account.

When you receive a signed email, the encryption email of the sender is attached to the email – when you open this email, ActivClient allows you to automatically save this certificate to the Contact associated to the sender. This contact is created or updated in a specific Contacts folder that you can also configure the Outlook Auto-Contact Destination Folder.

Depending on the scenario, ActivClient asks the user to confirm the operation:

  • Scenario 1 – If a contact already exists in the Contacts folder with the same email address and without any associated certificate, the following window is displayed.

The user can view the certificate before adding it to the Contacts. It then becomes the default certificate for this contact.

  • Scenario 2 – If a Contact already exists in the Contacts folder with the same email address but has a default certificate that is different from the received email encryption certificate, the following window is displayed.

The user can easily compare the two certificates. By accepting the update, the new certificate is added to the Contact and it becomes the default certificate for this Contact.

  • Scenario 3 – If a Contact already exists in the Contacts folder with the same email address and has a default certificate identical to the received email encryption certificate, ActivClient does not modify the contact.

  • Scenario 4 – If there is no Contact in the Contacts folder associated to the received email, the following window is displayed.

The user can confirm that the new Contact should be created in the Contacts folder. If the user accepts and creates the Contact, then another window displays to confirm the addition of the certificate to this user (same as in scenario 1). The user can view the certificate before accepting that it is added to the Contact. It then becomes the default certificate for this Contact.

Note:

If the signed email that the user receives is encrypted as well, then ActivClient needs to decrypt the email first in order to determine if the email is signed, and if the add-to contact is applicable.

A PIN prompt might then display in order to decrypt the email and access the sender’s certificate. Depending on ActivClient PIN caching configuration, PIN authentication might be required several times.