Install S/MIME email encryption certificate on Apple iOS (iPad and iPhone)

Step 1: Install private certificate

You should have received your private certificate via email in an encrypted .p12 file. This file is password-protected to keep it save until it arrives on your device. It’s always recommended to distribute the .p12 file and corresponding password via separate channels.

osx:Users:manu:Downloads:ios-instructions:image1.png

 

After opening the attachment, iOS will offer to install the certificate as identity profile. Choose install.

osx:Users:manu:Downloads:ios-instructions:image2.png

 

If you happened to have a passcode on your device, iOS will ask you for your passcode and then the certificate password. Be sure to enter the right password at the right time. Generally passcodes are numeric only. Certificate passwords also have letters.

osx:Users:manu:Downloads:ios-instructions:image3.png

 

After completing the Certificate import, you can go to Settings > General > Profiles to verify it was successfully installed.

osx:Users:manu:Downloads:ios-instructions:image4.png

 

Step 2: Set up email account for encryption

Next we need to make sure iOS Mail actually uses the certificate for signing and encryption. To do so go to Settings > Mail, Contacts and Calendar. Under accounts you should see the email account you wish to use the certificate with. The name and provider may vary. It’s only important that the sender address matches the certificate address.

osx:Users:manu:Downloads:ios-instructions:image5.png

osx:Users:manu:Downloads:ios-instructions:image6.png

 

After you have confirmed that certificate address and sender address match, go back to the previous screen and select Advanced. At the bottom you will find a setting called S/MIME.

Be sure to have this option enabled and pick the right certificate for signing and encrypting. Usually you will only see one certificate to choose from.

osx:Users:manu:Downloads:ios-instructions:image7.png

osx:Users:manu:Downloads:ios-instructions:image8.png

osx:Users:manu:Downloads:ios-instructions:image9.png

osx:Users:manu:Downloads:ios-instructions:image10.png

 

Step 3: Sending encrypted emails

Once you have completed these steps, you should be able to send and receive encrypted and signed emails.

A lock sign will indicate whether you have a recipient’s public certificate and can encrypt.

Also be sure to choose the right sender address, in case you have more than one account installed on your phone.

osx:Users:manu:Downloads:ios-instructions:image11.png

 

Step 4 (optional): Install contact’s certificates

To send encrypted messages to other recipients it’s necessary to possess their public certificate. Public certificates are distributed by signing emails. This will not only verify the sender, but also give the recipient a chance to install a public certificate.

To install a public certificate click the contact’s name, choose ‘view certificate’ and then ‘install’.

osx:Users:manu:Downloads:IMG_0046.PNG

osx:Users:manu:Downloads:IMG_0047.PNG