In a world where snooping and manipulating the content of emails and other kinds of messages is easy for cybercriminals, you need to get some protection. You have to get some sort of protection that tells the recipient that the email they received is genuine and has not been changed or manipulated in its way to his or her inbox. This article explains Digital Certificates and how to add a Digital Signature to your copy of Microsoft Outlook or a similar email client on a Windows computer.
Digital Email Certificates
Digital Email Certificates are guarantee that the message contents are exactly the same as what was sent by the sender of the email. If any middle-man tries to access one or more packets of email and tries to modify the contents, the email client will show an error message to the effect that the email cannot be trusted. A digital signature certificate consists of a key that is private to your email ID. You can view email certificates by clicking on the ‘badge’ icon just above the message in Microsoft Outlook and other email clients. Here is what a digital email signature looks like.
Digital certificates for emails are issued by the same bodies that offer SSL and other types of certificates to websites. There are paid and free services among the bodies. For ease of understanding, we will use Comodo as the certificate provider. The digital certificates for personal email is free from Comodo and you register as many email IDs as you want. Once you have the certificate installed on your computer, you just need to import it into the email client – like Outlook – so that the email client can use the digital certificate.
If there are more than one digital signature certificate in an email client, they are associated with different, but related accounts. A single email ID cannot have two digital certificates. When you send an email, the email client automatically associates the related email digital signature certificate to the email.
Add a Digital Signature to Outlook
Email Signature Certificate Services, including Comodo’s, also provide encryption that you can use as optional security. However, in this case, the recipient too should be using the same software for decrypting the email. For example, if you download and use Comodo Certificate Manager (a paid software that allows you to manage your digital certificates across a network), you have to ask the recipient to install the same if you wish to send encrypted emails to the recipient. But not everyone is willing to spend on security, especially if they are not involved in much of computing.
There is another way that some services provide. They will store the actual encrypted message on their own servers and forward a key to the recipient along with a link to the message in a separate mail. The recipient can then click the link and use the key to decrypt the emails. But since this post is about an email digital signature, we will not get into the details of the encryption of messages. For now, please understand that encryption is also possible if you are using Comodo digital email signature or any other similar service.
This may look complicated, but using a digital signature is as easy as clicking a button to authenticate the message, just after you click on Send. You just have to click Allow.
How to obtain a free digital signature for Outlook
Though there are several vendors that offer free and paid email certificates for digital signatures, we will be talking about Comodo, as an example. The method to install certificates from other vendors is more or less the same.
First, you have to get the certificate. At Comodo, it is a two-step process.
- You have to apply for the digital signature that would be related to your email ID. Visit comodo.com for the free digital signature application form. Here, you mention the email ID for which, you want the email ID. You can also create a revocation password just in case you wish to revoke the certificate later. You may have reasons to revoke the certificate later when you feel your certificate key is copied and used by someone else or when you forget the password you set after importing the digital signature into Microsoft Outlook or other email clients.
- Once you fill in the application form, a link is sent to your email ID which was mentioned in the application form. When you click the link in the email after filling up the email digital signature application, the website attempts to install the certificate on your computer. You will be prompted by the system on whether or not to allow the website to install the certificate. Allow it so that it is installed.
The application form looks like the image below. Fill in all the details. You will have to scroll down the entire agreement before you can click the Accept button. You may be prompted twice to click the Accept button in some cases.
For security reasons, you need to perform both operations – filling in the application and clicking the link for installation of certificate – using the same browser. If you click the link to open it using a different browser, it will not install the certificate.
How to import email digital signature into Outlook
Though we are talking about Outlook, the process is similar to all the email clients. This too can be broken into two tasks as follows:
- Export the newly installed certificate to someplace you know
- Import the certificate into Outlook or other email clients
To export the newly installed certificate, first, you need to find it on your computer. Press WinKey+R to open the Run dialog box. Type certmgr.msc in the text box and hit Enter key. That will open Windows Certificate Manager. Navigate to Personal > Certificates folder in the left pane to view the free digital signature certificate from Comodo.
Double click on the certificate to open it. On the Details tab, click on Copy to File… option to export the certificate. This will open the Certificate Export and Import Wizard. Use the wizard to export the file to someplace that you can recall. You will need the knowledge of the path where you stored it to import the certificate into Outlook.
After you exported the digital signature for email, open Outlook if it is not already open. Click on File and Options. Click on the last option that says Trust Center and then click on Trust Center Settings….
Click on the option saying Email Security in the left pane and in the right pane, click on Import/Export… (See image below)
Once you click on the Import/Export… button, you will get a dialog box as shown below.
Navigate and select the certificate you exported using the above method. In the Password field, type a password so that the signature cannot be hacked by anyone other. You will again be prompted to set the security level. If you select High, you will be asked to enter the password every time you send an email using the related email ID. The Low setting will simply ask you for permission to access the digital certificate.
After you have imported the digital certificate into Outlook, close the open dialog boxes.
This is how to add a digital signature to Outlook or other email clients. We used the Comodo example as it is free.