Grid user certificates from GEANT TCS/Sectigo can also be used for email encryption with the S/MIME standard.
Since the various email programs handle S/MIME encryption differently, we can give only a rough general guide.
Basic Steps
- import your grid user certificate into your email program
- assign the certificate to your DESY email account in your mail program
- configure the encryption settings
- for somebody else to send you an encrypted email, he or she will need to have received previously a signed email from you (where your certificate is used to create the signature)
- do not send other people your certificate - but only use it to create signatures for your emails
- when you sign your outgoing mail by default, your recipients will (normally) automatically store your encryption details
- if you want to send somebody else an encrypted email, he or she will need to have their own certificate (and send you a signed email before, so that your email program can use the signature details)
Thunderbird
