How To Install an S/MIME Certificate on Outlook

In this tutorial, you will learn how to install a S/MIME certificate on Outlook for Windows 10.  The final sections will include useful tips on where to buy the best email certificate for your Outlook client.

Pre-installation steps

Make sure you have a PKCS12# file with your certificate and private key ready to install. Typically, you can get it from your SSL vendor’s account by clicking the link within your Certificate Activation Link email and following the instructions in your browsers.

You’ll be asked to create a password before downloading the file. Remember the password and the location of your downloaded file. If you lose the private key, you won’t be able to read the messages encrypted with your public key.

Install your S/MIME SSL certificate on Outlook

Once your certificate file is ready, you can continue with the installation.

Please follow the steps below to import your certificate in Outlook.

1. Open Outlook. From the main menu, select File, then click Options.
2. In the Outlook Options window, from the left-side options, select Trust Center.
3. Click on the Trust Center Settings button and select Email Security from the left-side menu.
4. Under Digital IDs (Certificates), click the Import/Export button.
5. Ensure Import existing Digital ID from a file is checked, then click Browse
6. Locate to the PKCS#12 file, then click Open. The filename extension should be .p12.
7. Enter the password you used when downloading the PKCS#12 file, then click OK.
8. On the security dialog box that pops up, click OK.
9. Now, go to Email Security and click the Settings button under Encrypted email.
10. In the Security Settings Name field, enter a friendly name for your security settings.
11. Under Certificates and Algorithms, click Choose, next to Signing Certificate
12. From the pop-up with a list of certificates installed in your system. Select the appropriate certificate that you have downloaded. Click OK.
13. Set the Hash Algorithm to SHA256.
14. Next to Encryption Certificate, click Choose, and select your downloaded certificate. Click OK.
15. Click OK to close the Change Security Settings window.
16. In the Email Security menu, under Encrypted Email, check your desired default options. Click OK.

Congrats! Your S/MIME certificate is up and running! You can start sending signed and encrypted emails.

To create a secure message in Outlook, follow the steps below:

1. Under Options, toggle the encryption and/or digital signature settings for your message.
2. After you send the email, allow Outlook to use your private key by clicking Allow in the Windows security dialog box.

To verify whether you’ve configured the certificate properly, send a test mail in Outlook. A red certificate badge will appear on the right side of the sent email. Click on that red badge to check the certificate’s details.

Note: If you don’t have your recipient’s public key, you won’t be able to send an encrypted email.

Where to buy the best email SSL certificate for Outlook?

The best place to buy email certificates to encrypt and digitally sign your correspondence is from an official SSL reseller. Here, at SSL Dragon, we offer the best email certs on the market. Depending on your account (personal or business), you can choose from CPAC certificates issued by Sectigo or S/MIME products provided by DigiCert. Both Certificate Authorities are reputable names in the SSL industry.

If you find any inaccuracies, or you have details to add to these SSL installation instructions, please feel free to send us your feedback at [email protected]. Your input would be greatly appreciated! Thank you.