Heya, I found how you can digitally sign and encrypt emails! (It even gives them a cool icon for others to see!), and I haven’t seen anything about it before so I thought I’d share how I did it!
Do you also want to send encrypted emails and sign them? Just follow these few steps!
Signed email : Email with a valid numerical signature. Anyone can read it and know it has not been modified since it was sent.
Encrypted email : Email encrypted with the recipient’s public key. They can decrypt it with their private key
S/MIME certificate : A .p12
file containing your private key (So keep it for yourself and don’t send it to anyone!!) and your public key.
Okay, now it’s time to…
Account settings
, End-to-end encryption
, underS/MIME
click on Manage S/MIME certificates
, Import
and pick your.p12
file. Then, pick Select a certificate
, and pick yours from the tab “Your certificates”.An image is worth a thousand words (Sorry for the french)
Don’t forget to check the box to sign and/or encrypt every message just below, if you want!
Once this is done, here is how you can communicate…
It’s easy, just click on “Sign” before sending. Usually, email clients show a small medal next to your name to show the email is signed.
For that, you’ll need your recipient’s public key. They needs to send you a signed message (not encrypted, since you don’t have each other’s key at this point) where you can get their public key from their signature, and add it to your email client, which will allow you to encrypt messages you send to them. Then, send them a signed email (you can encrypt it) so they can get your public key and add it to their client, and then you’ll be able to exchange encrypted emails!
I’m not an expert and probably made a few mistakes, if you spot any please tell me in the comments and I’ll try to fix the guide!
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
Ahh gotcha, that makes sense, so like the difference between a self signed SSL certificate and something like LetsEncrypt.
Re 2: I was thinking in the scenario to allow auto discovery of your certificate, so someone who is emailing you for the first time could look up your public key automatically and use it to encrypt their email.
Also, great writeup and thank you!
I don’t think it’s possible to do that, but I have no experience on this since I don’t use my own email server so I could very well be wrong.