How to Create a SMIME Certificate

Written by alan hughes
  • Share
  • Tweet
  • Share
  • Pin
  • Email
How to Create a SMIME Certificate
Encrypt your e-mail with S/MIME certificates. (e-mail image by Hao Wang from

Secure/Multipurpose Internet Mail Extensions, or S/MIME, is the most widely supported e-mail encryption standard available today. S/MIME is the de facto standard for secure e-mail. When used with Public Key Infrastructure, or PKI, S/MIME provides authentication, integrity and encryption. The accepted standard for PKI certificates is the X.509 standard, which defines the structure of the certificates used to provide the confidentiality and identity verification features of S/MIME.

Skill level:


  1. 1

    Create a RSA private key with a command like this:"

    openssl genrsa --des3 --out my-e-mail-addr.key 4096

    ." This command generates a Triple-DES, 4096-bit encrypted key in readable ASCII text format.

  2. 2

    Create a Certificate Signing Request with a command like this: "

    openssl req -new -key my-e-mail-addr.key -out my-e-mail-addr.csr

    ." Provide accurate information at the prompts so that the S/MIME certificate will be able to protect your e-mail properly.

  3. 3

    Create a self-signed certificate with a command like this: "

    openssl x509 -req -days 365 -in my-e-mail-addr.csr -CA ca.crt --Cakey ca.key --set_serial 1 -out my-e-mail-addr.crt --setalias "My e-mail Addr's e-mail Cert" --add trust emailProtection -addreject clientAuth --addreject serverAuth -trustout

    ." This will generate a S/MIME certificate that is valid for 365 days.

  4. 4

    Prepare the S/MIME certificate for importing into your e-mail client with a command like this: "

    openssl pkcs12 --export --in my-e-mail-addr.crt --inkey my-e-mail-addr.key --out my-mail-addr.p12."

  5. 5

    Import the certificate into your e-mail client. The process for this step will differ depending on your specific e-mail client, but will typically be in the security options area. Once you have imported your digital id, you can begin securing your e-mail.

Don't Miss


  • All types
  • Articles
  • Slideshows
  • Videos
  • Most relevant
  • Most popular
  • Most recent

No articles available

No slideshows available

No videos available

By using the site, you consent to the use of cookies. For more information, please see our Cookie policy.