How to send/receive encrypted email from Microsoft Outlook
Internal and External User Definition: An external user is someone who has their email hosted outside the domain and control of the Hermes Secure Email Gateway. For example, an external user would have their email hosted with an email service like Gmail, yahoo etc. Typically, this external user has the need to send/receive encrypted email with someone who is inside the domain and consequently the control of the Hermes Secure Email Gateway.
Prerequisites and Goals:
The external user will be using Microsoft Outlook to send/receive email
The external user has been issued a secure email certificate from the Hermes Secure Email Gateway
The external user has installed the secure email certificate into their Microsoft Outlook
The internal user has sent a signed email to the external user and the external user has imported the internal user's certificate from that signed email into their Outlook contact for that internal user
The external user has configured their Outlook to send signed/encrypted email to the internal user
If all of the above sounds complicated, don't worry. This guide will walk you through every step of the way to get everything configured correctly.
For the purposes of this tutorial, we will use two email accounts. First, email@example.com will be the internal user account (i.e. someone inside the domain and control of the Hermes Secure Email Gateway) and firstname.lastname@example.org will be the external user account (i.e. someone outside the domain and control of the Hermes Secure Email Gateway). The reason we make this distrinction is because sending secure email from internal users is automatic, however sending secure email from external users requires configuring Outlook first.
This guide also assumes you have already received an email with an attached key.pfx file. A key.pfx file is nothing more than a password protected certificate that you have to install into your Outlook email client. In order to install the certificate, you must have the password which should had been given to you already. If not, please contact the internal user you will be communicating with securely and ask for the certificate password.
Install the certificate into Microsoft Outlook
Open the email titled Your email encryption certificatewith the attached key.pfx file (Figure 1)
Double-click on the attached key.pfx file. If you get an opening attachment warning, click the Open button (Figure 2)
On the Certificate Import Wizard window, click the Next button (Figure 3)
On the File to Import window, simply click the Next button again (Figure 4)
On the Password window, enter the certificate password you were provided in the Password field, ensure Enable strong private key protection and the Mark this key as exportable options are unchecked and ensure the Include all extended properties option is checked and click the Next button (Figure 5)
On the Certificate Store window ensure that Automatically select the certificate store based on the type of certificate is selected and click the Next button (Figure 6)
On the final Completing the Certificate Import Wizard window simply click the Finish button (Figure 7)
You should get a The Import was successful window. Click OK to close that window (Figure 8)
Next, back in your Outlook, click on Tools >> Trust Center (Figure 9)
In the Trust Center window, click on the E-mail Security option and then ensure Encrypt contents and attachments for outgoing messages is checked and press the Settings button (Figure 10).
Next, in the Change Security Settings window, click on the Choose button (Figure 11)
Next, in the Confirm Certificate window, simply click the OK button (Figure 12)
Next, back in the Trust Center window, you will notice that in the Default Setting section, it's no longer blank and it has been filled by My S/MIME Settings.. followed by your email address. Your Outlook is now ready to send encrypted messages. Click the OK button to exit the Trust Center window (Figure 13)
Next, back in your Outlook window, click New to compose a new email message. In example message below, notice the new envelope with the padlock icon in the options section of the message. This means that Outlook will try to encrypt this message destined for email@example.com (internal user) (Figure 14).
Click the Send button and you will immediately get an Encryption Problems window (Figure 15). The reason this happens is because there is no personal certificate saved for firstname.lastname@example.org in your Outlook contacts so it's only possible to send an unencrypted message to that individual. Click the Send Unencrypted button and the message will go out as normal.
In order to send an encrypted message to that individual you need to save that individual's personal certificate into your Outlook contacts. Please note this is NOT the same certificate you saved earlier in this guide. That was your own certificate. So, please have the internal user simply send you an email. Once you receive that email, double-click it and open it. Please note that you MUST double-click the email message since the email is encrypted it will NOT preview in Outlook. Once you have the message open you willl notice a padlock icon and a ribbon icon to the right of the message. This means that the message has been encrypted and signed by the sender (Figure 16).
Next, right-click on the From field on the message and on the resultant drop-down menu click on Add to Outlook Contacts (Figure 17)
Next, on the Contact window, make any necessary changes you may want and click on the Save & Close window (Figure 18)
Saving the contact in your Outlook contacts also saves that individuals personal certificate. Once that certficate is saved in your Outlook contacts, you will be able to send encrypted emails to that individual without Outlook complaining.
We collect no information about you, other than information automatically collected and stored (see below), when you visit our web site unless you choose to provide that information to us.
Information Automatically Collected and Stored:
When you browse through any web site, certain personal information about you can be collected. We automatically collect and temporarily store the following information about your visit:
the name of the domain you use to access the Internet (for example, aol.com, if you are using an American Online account, or stanford.edu, if you are connecting from Stanford University's domain);
the date and time of your visit;
the pages you visited; and
the address of the web site you came from when you came to visit.
We use this information for statistical purposes and to help us make our site more useful to visitors. Unless it is specifically stated otherwise, no additional information will be collected about you.
Personally Provided Information:
You do not have to give us personal information to visit our web sites.
If you choose to provide us with additional information about yourself through an e-mail message, form, survey, etc., we will only maintain the information as long as needed to respond to your question or to fulfill the stated purpose of the communication.
The term "Deeztek, LLC" or "us" or "we" refers to the owner of the website. The term "you" refers to the user or viewer of our website.
The content of the pages of this website is for your general information and use only. It is subject to change without notice.
Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this website meet your specific requirements.
This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.
All trademarks reproduced in this website, which are not the property of, or licensed to the operator, are acknowledged on the website.
Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
From time to time, this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).
Your use of this website and any dispute arising out of such use of the website is subject to the laws of the state of Delaware and the country of the United States of America.