|
Internet Explorer 5/Outlook Express
Overview
Downloading Certificates
Downloading the WISeKey
Root Certificate
Managing Certificates
Exporting a Certificate
Using Internet Explorer
5
Using
Outlook Express
Importing a Certificate
Using Internet Explorer
5
Using
Outlook Express
Viewing Information about a Certificate
Removing a Certificate
Using Internet Explorer
5
Using
Outlook Express
Digitally Signing Messages
Digitally Signing an E-mail
Message with Outlook Express
Choosing a Default
Certificate for Sending Messages
Signing an Individual
Outgoing Message
Automatically Signing
All Outgoing Messages
Encrypting Messages
Encrypting an E-mail Message
with Outlook Express
Adding
a Certificate to Your Address Book
Encrypting
Individual Outgoing Messages
Automatically Encrypting
all Outgoing Messages
Overview
ECPKI CA certificate center
provides certificates for personal and business use.
You can use the site to download the WISeKey Common Global
Root certificate, request a demo, High Trust, or WISe-Server
certificate, and retrieve the certificate. Once you
have a certificate, you can use it to digitally sign and encrypt
e-mail messages or to provide authentication in Web transaction.
This document provides procedures for managing
certificates, and using them for secure e-mail. This
manual guides you through the following tasks:
- Download the WISeKey Common Global root
certificate
- Export certificates
- Import certificates
- View information about certificates
- Validate certificates
- Remove Certificates
- Digitally sign e-mail messages
- Encrypt e-mail messages
Downloading
the WISeKey Common Global Root Certificate
You must have a copy of the WISeKey Common Global
root certificate present in your system before you can begin
using your ECPKI certificate. The root is pushed to
the browser when you retrieve your certificate; however, if
for some reason the root gets deleted or you need to install
it separately, it can be downloaded from the WISeKey Web site
using these procedures.
Complete the following steps to download the
root certificate using Internet Explorer:
|
1.
|
Launch Internet Explorer.
|
|
2.
|
Navigate to WISeKey's certificate
center at http://www.wisekey.com/install.
|
|
3.
|
Click the “How to install the WISeKey
Common Global Root ” link. The WISeKey
Common GLobal Root Certificate Download page appears.
|
|
4.
|
The Certificate Download Instructions
appear. Follow the instructions on this page.
|
Exporting a Certificate
You can export a certificate using either Internet
Explorer 5 or Outlook
Express.
Using Internet Explorer
5
Complete the following steps to export a certificate
from Internet Explorer 5:
|
1.
|
Open Internet Explorer 5.
|
|
2.
|
Select Tools-->Internet Options. The
Internet Options dialog box appears.
|
|
3.
|
Click the Content tab.
|
|
4.
|
Click the Certificates button. The Certificate
Manager dialog box appears.
|
|
5.
|
Click the Personal tab.
|
| |
The tab lists your certificates and lets
you choose a certificate for export and import.
|
|
6.
|
Select the certificate to export.
|
|
7.
|
Click the Export button. The Certificate
Manager Export Wizard appears.
|
Follow the instructions to complete the wizard.
Select these options in the following screens:
|
Screen
|
Action
|
|
Export Private Key with Certificate
|
Select the "Yes, export the private
key" button.
|
|
Certificate Export File
|
Select the "Personal Information
Exchange" and "Enable strong protection"
options.
|
|
Password Protection for the Private Key
|
In the Password and Confirm
password fields, enter a password for your certificate.
|
|
Export File Name
|
In the File name field, enter the
path and filename to which you want to export the certificate.
|
After you have completed the wizard, a message
appears that says, "The export was completed successfully."
|
8.
|
Click OK. You have completed the export
process.
|
Using Outlook
Express
Complete the following steps to export your
certificate using Outlook Express:
|
1.
|
Open Outlook Express.
|
|
2.
|
Select Tools-->Options. The Options
dialog box appears.
|
|
3.
|
Click the Security tab.
|
|
4.
|
Click the Digital IDs button. The Certificate
Manager dialog box appears.
|
|
5.
|
Click the Personal tab to list your certificates.
|
|
6.
|
Select the certificate to export.
|
|
7.
|
Click the Export button. The Certificate
Manager Export Wizard appears.
|
Follow the instructions to complete the wizard.
Select these options in the following screens:
|
Screen
|
Action
|
|
Export Private Key with Certificate
|
Select the "Yes, export the private
key" button.
|
|
Certificate Export File
|
Select the "Personal Information
Exchange" and "Enable strong protection"
options.
|
|
Password Protection for the Private Key
|
In the Password and Confirm
password fields, enter a password for your certificate.
|
|
Export File Name
|
In the File name field, enter the
path and filename to which you want to export the certificate.
|
After you have completed the wizard, a message
appears that says, "The export was completed successfully."
|
8.
|
Click OK. You have completed the export
process.
|
Importing a Certificate
You can import a certificate using either Internet
Explorer 5 or Outlook
Express.
Using Internet Explorer
5
Complete the following steps to import a certificate
using Internet Explorer 5:
|
1.
|
Open Internet Explorer 5.
|
|
2.
|
Select Tools-->Internet Options. The
Internet Options dialog box appears.
|
|
3.
|
Click the Content tab.
|
|
4.
|
Click the Certificates button. The Certificate
Manager dialog box appears.
|
|
5.
|
Click the Personal tab to list your certificates.
|
|
6.
|
Click the Import button. The Certificate
Manager Import Wizard appears.
|
Follow the instructions to complete the wizard.
Select these options in the following screens:
|
Screen
|
Action
|
|
Select File to Import
|
In the File name field, enter the
path and filename for the certificate you want to import.
|
|
Password Protection for Private Keys
|
Enter a password to use for the certificate.
Check the "Enable strong private key protection"
and "Mark the private key as exportable" check
boxes.
|
|
Select a Certificate Store
|
Select the "Automatically select
the certificate store based on the type of certificate"
option.
|
After you have completed the wizard, the Private
Key Container dialog box appears. As the default, the security
level is set to Medium.
|
7.
|
If desired, click Set Security Level to
change the security level to High or Low.
If you choose to set the security level
to High, the Private Key Container dialog box appears.
a. Select the "Create a new password
for this item" option.
b. In the Password for field, enter a name for the certificate
you are importing.
c. In the Password field, enter a new password for the
certificate. Enter the password again in the Confirm
field.
d. Click Finish.
|
|
8.
|
A message appears that says, "The
import was successful." Click OK.
|
| |
You have completed the import process.
|
Using Outlook
Express
Complete the following steps to import a certificate
using Outlook Express:
|
1.
|
Open Outlook Express.
|
|
2.
|
Select Tools-->Options. The Options
dialog box appears.
|
|
3.
|
Click the Security tab.
|
|
4.
|
Click the Digital IDs button. The Certificate
Manager dialog box appears.
|
|
5.
|
Click the Personal tab to list your certificates.
|
|
6.
|
Select the certificate to import.
|
|
7.
|
Click the Import button. The Certificate
Manager Import Wizard appears.
|
Follow the instructions to complete the wizard.
Select these options in the following screens:
|
Screen
|
Action
|
|
Select File to Import
|
In the File name field, enter the
path and filename for the certificate you want to import.
|
|
Password Protection for Private Keys
|
Enter a password to use for the certificate.
Check the "Enable strong private key protection"
and "Mark the private key as exportable" check
boxes.
|
|
Select a Certificate Store
|
Select the "Automatically select
the certificate store based on the type of certificate"
option.
|
After you have completed the wizard, the Private
Key Container dialog box appears. As the default, the security
level is set to Medium.
|
8.
|
If desired, click Set Security Level to
change the security level to High or Low.
If you choose to set the security level
to High, the Private Key Container dialog box appears.
a. Select the "Create a new password
for this item" option.
b. In the Password for field, enter a name for the certificate
you are importing.
c. In the Password field, enter a new password for the
certificate. Enter the password again in the Confirm
field.
d. Click Finish.
|
|
9.
|
A message appears that says, "The
import was successful." Click OK.
|
|
10.
|
You have completed the import process.
|
Viewing Information about
a Certificate
Complete the following steps to view information
about a certificate, such as its serial number or fingerprint:
|
1.
|
Open Internet Explorer 5.
|
|
2.
|
Select Tools-->Internet Options. The
Internet Options dialog box appears.
|
|
3.
|
Click the Content tab.
|
|
4.
|
Click the Certificates button. The Certificate
Manager dialog box appears.
|
|
5.
|
Select the certificate to view, then click
the View button. The Certificate dialog box appears,
containing information about the certificate.
|
Removing
a Certificate
You can remove a certificate using either Internet
Explorer 5 or Outlook
Express.
Using Internet Explorer
5
Complete the following steps to remove a certificate
using Internet Explorer 5:
|
1.
|
Open Internet Explorer 5.
|
|
2.
|
Select Tools-->Internet Options. The
Internet Options dialog box appears.
|
|
3.
|
Click the Content tab.
|
|
4.
|
Click the Certificates button. The Certificate
Manager dialog box appears.
|
|
5.
|
Click the Personal tab.
|
|
6.
|
Select the certificate to remove, then
click the Remove button.
|
|
7.
|
A message appears that asks whether you
are sure you want to delete the certificate. Click
Yes.
|
The certificate has now been deleted from the
system.
Using Outlook
Express
Complete the following steps to remove a certificate
using Outlook Express:
|
1.
|
Open Outlook Express.
|
|
2.
|
Select Tools-->Options. The Options
dialog box appears.
|
|
3.
|
Click the Security tab.
|
|
4.
|
Click the Digital IDs button. The Certificate
Manager dialog box appears.
|
|
5.
|
Click the Personal tab.
|
|
6.
|
Select the certificate to remove, then
click the Remove button.
|
The certificate has now been deleted from the
system.
Digitally Signing Messages
Digitally
Signing an E-mail Message with Outlook Express
With Microsoft Outlook Express, you can digitally
sign your outgoing e-mail messages.
Signing a message does not affect contents of
the message or protect the message from being intercepted
and read by someone other than the intended recipient. To
ensure that only the intended recipient can read the message,
you must also encrypt the message. If the recipient of a signed
message does not use an S/MIME-enabled e-mail package, that
person can still read the message—your digital signature
simply shows up as an attachment.
The Signed icon indicates that a message has
been signed. When you receive a signed message, the icon appears
in the upper right corner of the message.
You can sign individual messages or configure
your e-mail security options to automatically sign all of
the e-mail messages you send. For information on selecting
the certificate to use when signing messages, see Choosing a Default Certificate for Sending Messages.
Choosing a Default Certificate
for Sending Messages
Before sending a digitally signed message, you
must choose a certificate to use for signing or encrypting
messages. Complete the following steps to choose a default
certificate for sending messages in Outlook Express:
|
1.
|
Open Outlook Express.
|
|
2.
|
Select Tool-->Accounts. The Internet
Mail dialog box appears.
|
|
3.
|
Click the Mail tab.
|
|
4.
|
Select the e-mail account for which you
want to select a certificate.
|
|
5.
|
Click the Properties button. The Mail
Properties dialog box appears.
|
|
6.
|
Click the Security tab.
|
|
7.
|
Check the "Use a digital ID when
sending secure messages from" check box.
|
|
8.
|
Click the Digital ID button.
|
|
9.
|
Select the certificate you want to use
to sign messages for the account, then click OK.
|
Your messages from the designated account will
now be signed using the selected certificate.
Signing an Individual
Outgoing Message
Complete the following steps to digitally sign
an individual e-mail message in Outlook Express:
|
1.
|
Open Outlook Express.
|
|
2.
|
Click the New Mail button to begin a new
message. A new message window appears.
|
|
3.
|
Click the Sign button in the toolbar.
|
The Signed icon is displayed on the right side
of the address pane, indicating that the message is signed.
Note: The Sign button is a toggle button.
Clicking it again removes your digital signature from the
message.
Automatically Signing All
Outgoing Messages
Complete the following steps to configure your
e-mail preferences to sign all messages in Outlook Express:
|
1.
|
Open Outlook Express.
|
|
2.
|
Select Tools-->Options. The Options
dialog box appears.
|
|
3.
|
Click the Security tab.
|
|
4.
|
Check the "Digitally sign all outgoing
messages" check box.
|
|
5.
|
Click OK.
|
| |
Now all outgoing messages will be signed
automatically.
|
Encrypting Messages
Encrypting
a Message with Outlook Express
E-mail messages are relatively easy to intercept
and read. With Outlook Express, you can encrypt your e-mail
messages so that only the intended recipients can read them.
To encrypt a message, you must have a copy of
the intended recipient's certificate. The easiest way to get
a copy of someone's certificate is to have them send you a
signed message. When you receive a signed message, you can
store the sender's certificate in your address book. For more
information about storing certificates in your address book,
see Adding a Certificate to
Your Address Book.
The Encrypted icon indicates that a message
has been encrypted. When you receive an encrypted message,
Outlook Express automatically unencrypts the message and displays
the Encrypted icon when the message is viewed.
You can encrypt individual messages or configure
your e-mail security options to automatically encrypt all
e-mail messages to recipients whose certificates are stored
in your address book. For information on selecting the certificate
to use when encrypting messages, see Choosing
a Default Certificate for Sending Messages.
Adding a Certificate
to Your Address Book
Before you can send an encrypted message, you
must have the recipient’s digital signature. Complete
the following steps to add a digital signature to your address
book in Outlook Express:
|
1.
|
Open Outlook Express.
|
|
2.
|
Open an e-mail message from the sender
that you want to add to your address book.
|
|
3.
|
Right-click on the return address.
|
|
4.
|
In the pop-up menu, click Add to Address
Book. A dialog box containing the sender's information
appears.
|
|
5.
|
Click OK.
|
| |
The sender's information is added to your
address book.
|
Encrypting Individual
Outgoing Messages
Complete the following steps to encrypt an individual
outgoing message in Outlook Express:
|
1.
|
Open Outlook Express.
|
|
2.
|
Click the New Mail button to begin a new
message. A new message window appears.
|
|
3.
|
In the Tools menu, click the Encrypt Message
option.
|
The Encrypted icon appears on the right side
of the address pane, indicating that the message is encrypted.
Note: The Encrypt Message option is a toggle
option. Clicking it again removes the encryption from the
message.
Automatically Encrypting
all Outgoing Messages
Complete the following steps to encrypt all
outgoing messages automatically in Outlook Express:
|
1.
|
Open Outlook Express.
|
|
2.
|
Select Tools-->Options. The Options
dialog box appears.
|
|
3.
|
Click the Security tab.
|
|
4.
|
Check the "Encrypt contents and attachments
for all outgoing messages" check box, then click
OK.
|
| |
Now all outgoing messages will be encrypted
automatically.
|
> Back to
Top
|
