This post describes how to obtain your personal email certificate that can be used to receive encrypted mail and to sign outgoing emails. You should never send confidential informatin via email since it can be read by any ISP and mailserver administrator on its way.
There are several providers for free S/MIME certificates. We’ll be using Trustcenter “Internet ID”. The good thing about this certificate is, that it’s valid for 1 year and it contains your real name. Some others issue only generic certificates without names.
1. Sign up
Navigate to the trustcenter certificate wizard.
This wizard is also available in german.
Fill your personal details. Press next
Select “High Grade” for key length and press “Generate key pair”
The key generation takes a few seconds. After that, fill the additional fields. The revocation password can be used in case you lose your certificate in order to “delete” it. Choose a strong password. Prexx “Next”
You order is confirmed.
2. Confirm your email address
Now check your emails. You should receive the followigng email
Follow the instructions in the email and reply.
3. Install the certificate
A few minutes later you’ll receive another email. This one contains a summary and a link to install the certificate. Click the link. Note that the link must be opened in the very same browser that was used to generate the key
You’ll see the following page if everything went fine.
Click “Install certificate”
4. Backup the certificate
The certificate is now stored in your browser’s certificate manager. It’s a good idea to export it for backup purposes. You’ll need to import the file if you want to use the certificate for email applications.
Navigate to Tools –> Options –> Advanced
Click “View Certificates”
You should see your certificate in the tab “Your Certificates”
The file you’re about to export is secret. You should protect it with a strong password.
Done! You exported a PKCS#12 file which can be used with your email clients. Check my other posts for instructions.