Encryption of E-Mails

Table of contents

1. 1. Mozilla Thunderbird
   2. Microsoft Outlook

S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption of e-mail encapsulated in MIME.

If You want to send an encrypted e-mail to persons that use DFN PKI certificates You need to configure Your e-mail client.
You can find on this page the description of the configuration process  for the following e-mail clients.

Mozilla Thunderbird

You have to import the certificate chain in your e-mail client. Please download the following three certificates from the TU Dresden CA web page

• Deutsche Telekom Root CA certificate
• DFN PCA certificate
• TU Dresden CA certificate 

Please open Mozilla Thunderbird and go to Tools->Options->Advanced->Certificates and click the button "View certificates".

Please change to the tab "Authorities" and import the three CA certificates of the certificate chain. Please click on Import button.

For each CA certificate enable the three trust options as shown on the next screenshot.

Now You have to import the certificate of the e-mail recipient that You want to send an encrypted e-mail. Please switch to the tab "Other People's" in the Certificate Manager.
 

Click the import button and choose the certificate file of the e-mail recipient. After a successfully import process You can see
the certificate of the e-mail recepient.
 

Now You can send an encrypted e-mail. Please write a new e-mail by clicking the Write button. For encryption click on the Security symbol and choose "Encrypt This Message".

Microsoft Outlook

Microsoft operating systems includes the Deutsche Telekom root certificate. That certificate is automatically used in
Microsoft own e-mail clients such as Microsoft Outlook.

Microsoft Outlook uses the term "Digital ID" for certificates. If You want to send an encrypted e-mail to an recipient
You have to import its certificate. Please click on Tools->Options and choose the tab Security.
 

Click on the button Digital IDs... to import the user certificate and choose the tab Other People.
 

Please click on the Import button. The Windows Certificate Import Wizard is started. Now You have to select the certificate file. After You have successfully imported the certificate You can see it in the Other People middle window frame.
 

To encrypt Your e-mail to the recipient You have to click on Encrypt symbol button in the e-mail writing window.