Secure Email (Outlook Express) with Digital Certificate

Part I: Export of Digital Certificate and Private Key

Login as administrator onto Certificate Server (Windows server 2003 with IP xxx.xxx.xxx.xxx) 

 Step-I.  Active Directory User Creation

            Start à Programs à Administrative Tools à Active directory users & computers à right click testcert.digitalcert.com à new à user à create user by giving required details.

Right click on newly created user à properties à Enter e-mail id for the user under       E-mail field à apply à OK

 Step-II. Digital Certificate Creation

            Open Internet Explorer with URL             http://xxx.xxx.xxx.xxx/certsrv  login with newly created username and password.

            Request a certificate à Advanced certificate request à Create and submit a request to this CA à Change following settings in the Advanced certificate request window, change to user in certificate template, enter friendly name as user name, click submit à yes (do you want to request a certificate now) à Install this certificate à yes (Do you want to add this certificate now) à close Internet Explorer after Certificate Installed message displays.

Step-III. Digital Certificate Export

Start à Programs à Administrative Tools à Certification Authority à testcertrootca (Under Certification Authority Console) à Issued certificates à Newly created certificate for the user will be shown in bottom, double click it à Details tab à copy to file à (Export wizard window will be displayed) next à Select Cryptographic message syntax standard PKCS#7 certificate and tick Include all certificates in the certification path if possible, click next à Enter file name, select file type as PKCS#7 (*.p7b) à Finish à OK à OK (Closes certificate window) à close Certification Authority console.

 Step-IV. Private Key Export

             Start à Run à In open box type certmgr.msc, click OK à  (Certificate manager console will be displayed) Personal à certificates à right click on newly created user certificate à all tasks à export à (Certificate Export wizard will be displayed) next à yes export the private key à next à enter password (give user name) à Enter file name, select file type as *.pfx à next à Finish à OK à Close certificate manager console 

Part-II.  Steps for Import and Configure of Digital Certificate into Outlook Express of a PC

  

Copy Digital certificates and Private Key from Certificate server to PC

Step-I. Import Private Key to Certificate Store

Open Internet Explorer à tools à internet options à content à certificate à advanced à tick all in certificate purpose à OK à Import à (Certificate Import wizard window will be displayed) next à Enter file name, *.pfx à enter password (give user name), click next à next à finish à OK (Import Successful) à close à OK (Closes Internet Options) à Close Internet Explorer.

Step-II. Import Digital Certificate to Certificate Store

Open Internet Explorer à tools à internet options à content à certificate à Import à (Certificate Import wizard window will be displayed) next à Enter file name, *.p7b à next à finish à yes (Do you want to add the following certificate to the root store) à OK (Import Successful) à close à OK (Closes Internet Options) à Close Internet Explorer.

Step-III. Configuring Digital Certificate into Outlook Express

            Open Outlook Express à tools à accounts à mail à select default mail à properties à security à under Signing Certificate, click select à Select newly issued certificate, click OK à under Encryption Preferences, click select à Select newly issued certificate, click OK à apply à OK à close (account properties window).

Step-IV. Adding Other email user Digital Certificate to Address Book

Open Outlook Express à tools à address book à check for entry of other user e-mail id, if not found, create a new contact by giving name and e-mail address à select and right click on user e-mail id à properties à digital id’s à import à enter file name, file type *.p7b à OK à close address book.