Join Date: Apr 2002
Location: Houston, TX, USA
Email certificates and iPhones
For the longest times while I was an Android user I also found it very discomforting that the Google default email client is unable to handle email certificates. You just could not see whether the email you just got was legit or not. While there where way of looking int the header, I believe that is simply not something everyone or their grandmother is able to do. Heck I know enough "IT" admins and managers unable to achieve just that feat....
In any case I still dislike the fact that google email (web client) as well as the android client and I am fairly certain their new iOS client as well just cannot deal with S/MIME certificates.
So when I started to switch all our household to MacOS I was happy to learn certificates is something very easy to set up and very easy to handle in MacOS. But since I was still using Android at that time it still left that gap open that if an email was sent from my phone it would not have the certificate attached to allow the recipient to check. This weekend I finally sat down on my ass in an attempt to install the certificates I already have on my new iPhone. Frankly I didn't believe when I set out it would, but I was pleasantly surprised. And even more surprised that the installation process of two or more certificates and binding them to the two email addresses was literally a matter of minutes.
So here is the process if you have a MAC: Start your KeyChain utility (Applications/Utilities/Keychain Access), highlight the certificate in question, File\Export and export the Certificate as a .p12 file (the default) Just make sure that when you export the certificate you make sure that you provide a password for the certificate. The iPhone import process insists on a password at this stage.
Then upload the certificate to any web server of your choosing and point your iPhone browser to the file. It will immediately start the import process, you provide the password and voila ... you have the certificate for your email stored on your phone. Now the last step is on how to activate your certificate for your outgoing emails: This is also very easy: On the phone open Settngs\Mail and Contacts Select the email account you want to change then click on "Account" scroll down all the way to "S/MIME" and slide it on. From there you can select if outgoing emails will "only" be signed or even encrypted. Of course you can only encrypt emails if you have the public cert of the other party (at least you will have to have gotten a signed message of the other party at least once)
So now if *I* send emails no matter which device I send them from they will be signed.
'14 GSAW soon:
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Still in search of Occam's razor to cut a Gordian knot.