S/MIME certificates prove the identity of online users by allowing you to digitally sign and encrypt emails.
A digital signature is equivalent to a handwritten signature or a stamped seal, but offers far more inherent security. A digital signature makes forgery and impersonation impossible and it provides absolute authenticity and integrity to all of your messages.
End-to-end encryption (E2EE) is a method to secure data when it is sent from a source to a destination. With end-to-end encryption, data is encrypted on the sender’s system and only the intended recipient can decrypt it. Nobody in between can read or tamper with it.
Digitally signed emails help counter email spoofing and phishing attacks, the sender’s identity is clearly presented to the recipient to help differentiate from maliciously spoofed emails.
Email security is seamless across multiple platforms and devices. Secure deployment to desktops and personal devices using same key and certificate(s). Supports Microsoft Windows, Mac OS X, iOS, and Android platforms.
Encrypt emails to protect contents in transit and at rest
Get quick answers to common questions about the encrypting email and digitally signing mail.
S/MIME secures emails by using a set of mathematically related keys – a private key and a public key. When you send an email, it’s encrypted with your recipient’s public key, which in turn means it can only then be decrypted by their own private key. That way, unless your private keys are compromised, only your intended recipient can access the secure data in your emails.
In addition to encryption, S/MIME also gives you the option of providing a digital signature to your emails, verifying that the sender is legitimate. By using your private encryption key, all your emails can feature a digital signature proving that you are the sender.
You can actually start signing and encrypting any emails that are sent through an email client (Outlook, Mac Mail, EM Client) or native mobile device. Webmail services like Gmail do not support S/MIME. You will only be able to sign and encrypt Gmail emails if they are sent through an email client.
Currently it is possible to order a certificate for 1 month, 1 year or 3 years.
Yes, providing you mark the private key as exportable, it can be installed on multiple devices.
Please see the guide to download and install the certificate.
The certificate pickup password you set during the order process is required for downloading the certificate. If you do not remember this password, you must cancel and reorder the certificate.