Configure Message Security in Outlook 2003
How can I configure e-mail and message security in Outlook 2003?
After installing the online Certificate Authority (CA) and after obtaining a user Digital Certificate signed by your CA you will now need to configure Outlook 2003 to use the new message security features.
These features include:
- Message encryption
- Message signing
Note: Before being able to encrypt or sign messages you will need to apply for, receive and install a Digital Certificate designated for this purpose. For more info please see the Related Articles section at the bottom of this page.
In order to configure Outlook 2003 to use the new message security settings please follow these steps:
- Open Outlook.
- Go to Tools > Options > Security tab.
- In the Encrypted E-Mail section press the Settings button.
- In the Security Settings Name drop-down list make sure you see a “My S/MIME Settings (your e-mail)” title appears.
- In the Cryptography Format make sure S/MIME is selected.
- In the Certificates and Algorithms section, under Signing Certificate make sure that the Digital Certificate you’ve previously obtained is listed. If not, press Choose and browse to the required certificate.
Note: The obtained certificate should be listed automatically, and in most cases you will not need to modify any setting.
- In the Encryption Certificate section, under Encryption Certificate make sure that the Digital Certificate you’re previously obtained is listed. If not, press Choose and browse to the required certificate.Note: The obtained certificate should be listed automatically, and in most cases you will not need to modify any setting.
- To make sure you always send your Public Key with any message you send or reply to, select the “Send these certificates with signed messages” check-box.
- Click Ok twice.
Using Message Digital Signature
In order to use the Message Digital Signature feature you do not need to perform any special action. Just type your message as you would in any regular message, press the “Add a Digital Signature to this message” icon, then press the Send button.
If you send a message to yourself (or to another account you can open) you’ll see that the new message has a Digital Signature icon on the right-hand side of the message window.
Clicking on it will bring up a dialog box telling you if the signature was in fact ok, or in case of problems with the message signature – warn you against possible threats.
Using Message Digital Encryption
In order to use the Message Digital Encryption feature you will first need to obtain your recipient’s Public Key.
Without going into great detail hare (I will later, on a different article), the Public Key part of a pair of mathematical keys (Public and Private keys) which are used for message encryption and authentication. The Public Key is basically a long string that can be used to encrypt a message, while only the person holding the Private Key will be able to decrypt the message.
In order to encrypt a message that is intended to be read only by David, I will need to ask David for his Public Key, so I will be able to use it to encrypt the message, knowing that there is only one person that holds the key’s pair – the Private Key – and that person is David.
So in order to be able to exchange encrypted messages between myself and David, I will need to first send a Digitally Signed message (see procedure above) to David, thus sending him my Public Key. Next, David will have to reply to my message by sending his Public Key. The moment we both have each other’s Public Keys we will be able to begin sending encrypted messages to one another.
Just type your message as you would in any regular message, press the “Encrypt message content and attachment” icon, then press the Send button.
When the recipient opens the received message he or she will see that the message was in fact encrypted, and can also check the certificate and encryption details.
If by mistake you still don’t have the recipient’s Public Key you will get a warning message telling you that the message cannot be encrypted: