Send/Read Signed and Encrypted Email Messages with Microsoft Outlook

Send/Read Signed Email Messages

A digital signature is a combination of your private key and the message.

It authenticates you as the message sender and verifies the integrity of the message.

With ActivClient, the digital signature is performed directly on your smart card.

Prerequisites:

  • Microsoft Outlook is installed on your workstation.

  • Microsoft Smart Card Mini Driver Support (sub-component of the Digital Certificate Services component) was installed during setup.

  • Microsoft Outlook Usability Enhancements (sub-component of the Digital Certificates Services component) was installed during setup. This option allows you to sign an email message with a single click (optional).

  • A certificate with email signature capabilities is available on your smart card.

  • You have configured your security profile in Microsoft Outlook (see section Automatically Configure Your Microsoft Outlook Security Profile).

Send Signed Email Messages

  1. Insert your smart card (chip-side up and chip first) into the smart card reader.

  2. Create the email message, select the Options tab and click the Sign icon.

  3. Complete and send the email message.

Read Signed Email Messages

If you receive a digitally signed email message, you can use your email client to validate the sender's identity.

Click the signed message that you want to read. If the sender is successfully authenticated, the message appears with a secure message icon.

Send/Read Encrypted Email Messages

Encrypting an email message guarantees that only the intended recipient can open and read the message and its attachments. Email encryption is based on the public key infrastructure.

Decrypting an encrypted email message is performed directly on your smart card for increased security.

Send Encrypted Email Messages

Prerequisites:

  1. Create the email message, select the Options tab and click the Encrypt icon.

  2. Complete and send the email message.

Read Encrypted Email Messages

Prerequisites:

  • Microsoft Outlook is installed on your workstation.

  • A certificate with email encryption capabilities is available on your smart card.

  • Your encryption certificate is available to other users (see section Automatically Publish Your Certificates to the Global Address List).

  • Microsoft Smart Card Mini Driver Support (sub-component of the Digital Certificate Services component) was installed during setup.

  1. Insert your smart card (chip-side up and chip first) into the smart card reader.

  2. Click the encrypted message you want to read.

  3. Enter your PIN.

    The email message and attachments are displayed along with the secure message icon informing you of the encryption status.

Automatically Decrypt and Save Emails

ActivClient allows you to save a decrypted version of encrypted emails. This enables you to access these emails even after your encryption email is no longer available (for example if your card management system and policy do not support recovery of expired certificates).

Prerequisites:

  • Microsoft Outlook is installed on your workstation.

  • Microsoft Outlook Usability Enhancements (sub-component of the Digital Certificates Services component) was installed during setup.

  • The ActivClient Turn on automatic decryption of encrypted emails setting is enabled (it is disabled by default; your administrator might have enabled this feature).

  1. Open the encrypted email.

  2. Enter your PIN.

ActivClient automatically decrypts and saves the email, replacing the encrypted version.

The email message and attachments are displayed. In addition, the secure message icon is no longer displayed, indicating that the message is not encrypted.