Access Keys:
Skip to content (Access Key - 0)

Q:How can I tell if I am using my personal certificate for email encryption?

On this page:

Background

The majority of users at MIT are not using S/MIME and do not need to use S/MIME. A very small number of users at MIT require S/MIME for their daily work. Your system administrator or local IT support department would likely have informed you if you needed to use S/MIME. S/MIME requires a number of explicit configuration steps, so it's not possible to enable it inadvertently. If you're unsure, contact your local IT support or system administrator.

SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are methods used to secure and encrypt sensitive information like credit cards, usernames, passwords, and other private data sent over the Internet. Website pages secured with SSL and TLS are those identified by the HTTPS in their URL address.

Users who do not have a material need for S/MIME are discouraged from using it at this time.

  • Using S/MIME requires additional configuration and maintenance steps. Most importantly, you must be sure to back up the personal certificate you use for S/MIME. If you accidentally delete it, or if you lose it in a hard drive failure, you will permanently lose access to your encrypted messages.
  • IS&T does not provide support for S/MIME at this time, so we cannot help you configure or troubleshoot it. You should use S/MIME only if you have local technical support resources who are willing and able to help you. Otherwise, you use it at your own risk.

Additional Information

If you are unsure if you are using S/MIME and want to confirm if you are or are not, follow the instructions below.

Outlook 2019 (Windows)

  1. Under the Files tab, select Options then Trust Center then on Trust Center Settings.


  2. Select the Email Security tab.
  3. In this window, the user is not configured for S/MIME and this is the default setting.
  4. Click on Settings.


  5. In the Settings window below, you can see that the user is configured for S/MIME using their personal certificate.

Outlook 2016 (Windows)

  1. Under the File menu, select Options then Trust Center.


  2. Select E-mail Security.  This shows that the user is not configured to use S/MIME.


  3. Select Settings in the previous window.
  4. In this case, you can see that the user is configured for S/MIME using their personal certificate.


O365 Outlook Web Access (OWA)

Note: This is the version of OWA only accessible using Internet Explorer 9 and above for S/MIME.

  1. On the top, right hand corner of the screen, select the wheel and Settings will open.  At the bottom, select Mail.


  2. On the left you will see Mail Options.
  3. Select S/MIME.


  4. If they are unchecked, you are not using S/MIME.


  5. Look to see if Encrypt contents and attachments of all outgoing messages and Add a digital signature to all outgoing messages check boxes are checked.
  6. If they are checked, you are using S/MIME.

Most users will not have these boxes checked and you do not need them checked.

2013 Outlook Web Access  (OWA)

Note: This is also a version of OWA only accessible using Internet Explorer 9 and above for S/MIME.

  1. On the top, right hand corner of the screen, select the wheel and Settings will open.
  2. At the bottom, select Mail.

Outlook 2019 (Mac)

  1. In the Outlook menu, under Tools, choose Accounts and select your Exchange account.
  2. Click on the Advanced tab then select the Security tab.


  3. In this case, you can see that the user is not configured for S/MIME using their personal certificate.
  4. Look to see if you have a certificate listed in the Signing Certificate and Encryption Certificate fields.
  5. If there are certificates listed here, you are using S/MIME. Most users will not have a certificate listed here and do not need one. If these fields are blank, you are not using S/MIME.
  • Using S/MIME:

Outlook 2016 (Mac)

  1. In the Outlook menu, under Tools, choose Accounts and select your Exchange account.
  2. Click on the Advanced tab then select the Security tab.
  3. Look to see if you have a certificate listed in the "Digital Signing" and "Encryption" fields. If there are certificates listed here, you are using S/MIME.


  4. Most users will not have a certificate listed here and do not need one.* If these fields are blank, you are not using S/MIME.

Apple Mail

In Apple Mail, as long as you have a Personal Certificate installed in your Keychain Access (for example if you have installed certificates in Safari), you can choose to sign your messages with that certificate.

  1. Once mail is open click New Message. In the New Message window type in who you want to send it to and the email information (subject and message contents).
  2. To the right look for a star in the middle of the blue button.
  3. If the star button has a Check in the middle of it then you are using S/MIME.
  4. If the star button has an X or the if the star shaped button is missing, then you are not using S/MIME.
  5. If you want to turn S/MIME off, deselect the check mark within the star field.
  • Using S/MIME


  • Not Using S/MIME
    No Check

IS&T Contributions

Documentation and information provided by IS&T staff members


Last Modified:

August 11, 2020

Get Help

Request help
from the Help Desk
Report a security incident
to the Security Team
Labels:
c-email c-email Delete
email email Delete
encryption encryption Delete
s/mime s/mime Delete
outlook outlook Delete
apple_mail apple_mail Delete
mail mail Delete
security security Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
Feedback
This product/service is:
Easy to use
Average
Difficult to use

This article is:
Helpful
Inaccurate
Obsolete
Adaptavist Theme Builder (4.2.3) Powered by Atlassian Confluence 3.5.13, the Enterprise Wiki