Install S/MIME email encryption certificate on Thunderbird

· 279 words · 2 minute read

Step 1: Import certificates 🔗

In this step we will import your personal certificate. Please open Thunderbird and navigate to

Tools > Options > Advanced > View Certificates

Under Your certificates, you can see your own certificates. People shows other user’s public certificates.

To import your own certificate click Import and select the .p12 file you received by email.

After entering the certificate password you received by email, you should see your Name and expiration information.

If you received additional certificates, install them in the same way.

Step 2: Set up certificate with email account. 🔗

In this part we will connect your newly installed certificate with your email account. Please open:

Tools > Account settings > Security

By clicking the Select button you can choose any of your installed certificates. It’s important to pick the right certificate for the right account. E.g. the account for should also use the certificate that is issued to

While not necessary, it’s recommended to enable Sign message by default. Signing ensures that other users get your public key and can send encrypted emails to you.

Step 3: Sending encrypted emails 🔗

Now it’s time to start sending encrypted emails. When writing a new email, you can enable signing or encryption with the Security button. When clicking the button, you will see more detailed information for each recipient.

Step 4 (optional): Manually install contact’s certificates 🔗

Thunderbird does a good job in collecting public certificates, when you recieve a signed email. If you should ever send an email to a new recipient, you can also add his public certificate manually by opening the certificate manager from step 1 and importing their certificate files with Import.