S/MIME certificates prove the identity of online users by allowing you to digitally sign and encrypt emails.
A digital signature is equivalent to a handwritten signature or a stamped seal, but offers far more inherent security. A digital signature makes forgery and impersonation impossible and it provides absolute authenticity and integrity to all of your messages.
End-to-end encryption (E2EE) is a method to secure data when it is sent from a source to a destination. With end-to-end encryption, data is encrypted on the sender’s system and only the intended recipient can decrypt it. Nobody in between can read or tamper with it.
Digitally signed emails help counter email spoofing and phishing attacks, the sender’s identity is clearly presented to the email recipients to help differentiate from maliciously spoofed emails.
Email security is seamless across multiple platforms and devices. Secure deployment to desktops and personal devices using same key and certificate(s). Supports Microsoft Windows, Mac OS X, iOS, and Android platforms.
Encrypt emails to protect contents in transit and at rest with S/MIME encryption.
Get quick answers to common questions about the encrypting email messages and digitally signing mail with digital certificates.
S/MIME secures emails by using a set of mathematically related keys – a private key and a public key. When you send an email, it’s encrypted with your recipient’s public key, which in turn means it can only then be decrypted by their own private key. That way, unless your private keys are compromised, only your intended recipient can access the secure data in your emails. Both the sender and recipient will need to have the ability to use secure multipurpose internet mail extensions (S/MIME email).
In addition to encryption and sending encrypted messages, S/MIME also gives you the option of providing a digital signature to your emails, verifying that the sender is legitimate. By using your private encryption key, all your emails can feature a digital signature proving that you are the sender.
You do not need to be using our email servers to start signing and encrypting your email messages. You can actually start signing and encrypting any emails that are sent through an email client (Outlook, Mac Mail, EM Client) or native mobile device. Webmail services like Gmail do not support S/MIME. You will only be able to sign and encrypt Gmail emails if they are sent through an email client.
Currently it is possible to order a certificate from the certificate authority for 1 month, 1 year or 3 years.
Yes, providing you mark the private key as exportable, it can be installed on multiple devices with one email address.
Please see the guide to download and install the certificate to begin sending signed messages.
The certificate pickup password you set during the order process is required for downloading the certificate. If you do not remember this password, you must cancel and reorder the signing certificate.