DAWKCo(tm) Software: e-Mail POP3 Server, SMTP Anti-Spam eMail Blocker, WebMail, Web Site Mapper, Website Design

E-mail Security Certificates Readme File

Instructions for installing and using X.509 certificates
for digitally signing and encrypting secure e-mail messages.


X.509 Digital Certificates enable you to do the following:

  • Digitally Sign e-mail messages or files. A valid digital signature verifies the authenticity and integrity of a message or file.
  • Receive encrypted messages from people to whom you have sent a digitally signed message.
  • Send encrypted messages to people who have sent a digitally signed message to you.

To start using secure encrypted e-mail, please follow these simple instructions. You may want to print this for easy reference during the procedure.

The first step is to download and install the DAWKCo NetSecurity Root CA certificate. The Root Certification Authority (CA) certificate establishes the basis of trust for certificates that claim to be issued by that CA.

After you have installed the root CA certificate, download your personal e-mail security certificate from the location sent to you by e-mail. Then, install and use your e-mail security certificate per the instructions below.

Installing the DAWKCo NetSecurity Root CA Certificate

  1. Click Here to Download the DAWKCo NetSecurity Root CA Certificate. Save the downloaded Root CA Certificate file to disk.
     
  2. Double-click the Root CA Certificate file, then click Install... (or click Next if the Certificate Import Wizard starts automatically), follow the prompts and click OK or Finish. The Root CA Certificate should automatically be installed in the Trusted Root Certification Authorities store on your computer.

[Instructions for MS Office Outlook (2000 / 2003 / 2007)]
 
[Instructions for MS Outlook Express and Windows Mail]


Installing Your E-Mail Security Certificate in MS Outlook Express or Windows Mail

  1. Save your downloaded personal e-mail security certificate file to disk.
     
  2. Double-click the e-mail security certificate file, then click Install... (or click Next if the Certificate Import Wizard starts automatically), follow the prompts and click OK or Finish.
    Note: if you are prompted for a certificate password, enter the password given to you by e-mail.
  3. Open MS Outlook Express or Windows Mail
    a) On the main menu click Tools, select Options..., then select the Security tab. Below the heading Secure Mail, click Advanced... and enable the following options:
     
    x Always encrypt to myself when sending encrypted mail
    x Include my digital ID when sending signed messages
    x Add senders' certificates to my Address Book (or Windows Contacts)
     
    b) Click OK, then click OK again.
     
    c) On the main menu click Tools, select Accounts..., select the e-mail account you're using, click Properties, then select the Security tab.
     
       i) Under the heading Signing Certificate, click Select... then select the Secure Email certificate having your subject name and e-mail address (and latest expiration date) and click OK.
     
      ii) Under the heading Encrypting Preferences, click Select... then select the Secure Email certificate having your subject name and e-mail address (and latest expiration date) and click OK. Next to Algorithm, select 3DES (which is the most secure option available at this time). Click OK, then click Close.
     
    d) Create a new e-mail message to [anyone who will need to send you encrypted e-mail]:
     
       i) Click the "Sign" button on the message toolbar to digitally sign the message with your Digital ID. If you do not see the "Sign" button on the toolbar, then on the message main menu click Tools and select Digitally Sign.
     
      ii) Send the message.
     
    Note: there is also a message toolbar button for "Encrypt" (and corresponding Tools menu item Encrypt), but do not select encryption for this particular message.
  4. Encrypting messages. Before you can encrypt a message to someone, you need their Digital ID. Have them send a digitally signed e-mail to you--when you receive their digitally signed message, their Digital ID will automatically be imported into a contact record in your Address Book (or Contacts). Afterward, you will be able to encrypt messages to that person.

Installing Your E-Mail Security Certificate in MS Office Outlook (2000 / 2003 / 2007)

  1. Save your downloaded personal e-mail security certificate file to disk.
     
  2. Double-click the e-mail security certificate file, then click Install... (or click Next if the Certificate Import Wizard starts automatically), follow the prompts and click OK or Finish.
    Note: if you are prompted for a certificate password, enter the password given to you by e-mail.
  3. Open MS Office Outlook
    a) On the main menu, click Tools:
     
    - If you are using Outlook 2000 / 2003 select Options..., then select the Security tab.
    - If you are using Outlook 2007 select Trust Center..., then select E-mail Security.
     
    Below the heading Encrypted e-mail, click Settings... and select/enable the following options:
     
    Cryptography Format: S/MIME
    x Default Security Setting for this cryptographic message format
    x Default Security Setting for all cryptographic messages
     
    Under the heading Certificates and Algorithms, set the following:
     
       i) Next to Signing Certificate, click Choose..., then select the Secure Email certificate having your subject name and e-mail address (and latest expiration date) and click OK.
     
      ii) Next to Hash Algorithm, select SHA1 (which is more secure than MD5).
    Note: Outlook 2007 also supports the higher security hash algorithms SHA256, SHA384 and SHA512; however, unless you will correspond only with Outlook 2007 users (or users of e-mail software with similar capabilities), you should select the SHA1 hash algorithm for compatibility with users of other e-mail software.
     iii) Next to Encryption Certificate, click Choose..., then select the Secure Email certificate having your subject name and e-mail address (and latest expiration date) and click OK.
     
      iv) Next to Encryption Algorithm, select 3DES (which is more secure than most 128-bit algorithms).
    Note: Outlook 2007 also supports the higher security encryption algorithms AES 128-bit, AES 192-bit and AES 256-bit; however, unless you will correspond only with Outlook 2007 users (or users of e-mail software with similar capabilities), you should select 3DES encryption for compatibility with users of other e-mail software.
       v) Enable the following option:
     
         x Send these certificates with signed messages
     
    b) Click OK, then click OK again.
     
    c) Create a new e-mail message to [anyone who will need to send you encrypted e-mail]:
     
       i) On the message toolbar, click the "Digitally Sign Message" (or Sign) button.
     
        - If you are using Outlook 2000 / 2003 and you don't see that button, click the little down-arrow at the right edge of the toolbar buttons to pop-up the additional buttons that are not visible on the toolbar.
        - If you are using Outlook 2007, the "Digitally Sign Message" (or Sign) button is located in the Options group. You can also select the Options tab and then click the More Options button to access the Message Options dialog and its Security Settings... button and dialog.
     
       Note: there is also a message toolbar button for "Encrypt Message Contents and Attachments" (or Encrypt), but do not select encryption for this particular message.
     
      ii) Send the message.
  4. Encrypting messages. Before you can encrypt a message to someone, you need to create a Contact record for them in MS Office Outlook and then import their Digital ID into that Contact record by doing the following:
    a) Have the correspondent send a digitally signed e-mail to you. When you receive the digitally signed message, use your mouse to drag and drop the message into the Contacts folder (or onto the Contacts button); a new contact form will open--click Save and Close.
     
    b) Back in the Inbox, view the digitally signed message in the preview pane (or open the digitally signed message). Click the red ribbon icon above the upper right corner of the message body. When the Digital Signature dialog opens, click Details...
     
       i) Under the heading Security Layers, select the Signer line, click Trust Certificate Authority..., click Trust, then click Close once.
     
      ii) Select the Signer line again, click Edit Trust..., select the Details tab, and click Copy to file... Follow the Certificate Export Wizard prompts and save the certificate to a file with the persons name as the file name (e.g., JohnSmith.cer, or JaneDoe.cer). Save the file in a location where you will be able to find it easily.
     
     iii) Click OK, click Close, click Close.
     
    c) Open the Contacts folder (or click the Contacts button) and double-click the person's contact record.
     
       i) When the contact record opens:
     
        - If you are using Outlook 2000 / 2003, select the Certificates tab.
        - If you are using Outlook 2007, click the Certificates button (in the Show group).
     
    Click Import... and locate the certificate (*.cer) file that you saved above, select it and click Open. The persons Digital ID entry will then appear under the heading Certificates (Digital IDs).
     
      ii) Click Save and Close.
     
    d) After completing the above procedure for a specific correspondent, you will be able to send that person encrypted e-mail. To do so, create a new e-mail message addressed to that person and before sending the message, click the "Encrypt Message Contents and Attachments" (or Encrypt) message toolbar button.
     
        - If you are using Outlook 2000 / 2003 and you don't see that button, click the little down-arrow at the right edge of the toolbar buttons to pop-up the additional buttons that are not visible on the toolbar.
        - If you are using Outlook 2007, the "Encrypt" button is located in the Options group. You can also select the Options tab and then click the More Options button to access the Message Options dialog and its Security Settings... button and dialog.

Copyright ©2008-2017 DAWKCoTM Software, all rights reserved.

Top