Secure/Multipurpose Internet Mail Extensions, or S/MIME, is the most widely supported e-mail encryption standard available today. S/MIME is the de facto standard for secure e-mail. When used with Public Key Infrastructure, or PKI, S/MIME provides authentication, integrity and encryption. The accepted standard for PKI certificates is the X.509 standard, which defines the structure of the certificates used to provide the confidentiality and identity verification features of S/MIME.
- Skill level:
Other People Are Reading
Create a RSA private key with a command like this:"
openssl genrsa --des3 --out my-e-mail-addr.key 4096
." This command generates a Triple-DES, 4096-bit encrypted key in readable ASCII text format.
Create a Certificate Signing Request with a command like this: "
openssl req -new -key my-e-mail-addr.key -out my-e-mail-addr.csr
." Provide accurate information at the prompts so that the S/MIME certificate will be able to protect your e-mail properly.
Create a self-signed certificate with a command like this: "
openssl x509 -req -days 365 -in my-e-mail-addr.csr -CA ca.crt --Cakey ca.key --set_serial 1 -out my-e-mail-addr.crt --setalias "My e-mail Addr's e-mail Cert" --add trust emailProtection -addreject clientAuth --addreject serverAuth -trustout
." This will generate a S/MIME certificate that is valid for 365 days.
Prepare the S/MIME certificate for importing into your e-mail client with a command like this: "
openssl pkcs12 --export --in my-e-mail-addr.crt --inkey my-e-mail-addr.key --out my-mail-addr.p12."
Import the certificate into your e-mail client. The process for this step will differ depending on your specific e-mail client, but will typically be in the security options area. Once you have imported your digital id, you can begin securing your e-mail.
- 20 of the funniest online reviews ever
- 14 Biggest lies people tell in online dating sites
- Hilarious things Google thinks you're trying to search for