Enable S/MIME

  • Release version: Yokohama
  • Updated January 30, 2025
  • 1 minute to read

    • Configure S/MIME settings for inbound and outbound email.

    Enable S/MIME for Inbound and Outbound emails

    You can configure email properties from the Email Properties page through the System Mailboxes or System Properties module.

    Email properties are available from either of these modules:
    • System Mailboxes > Email Properties
    • System Properties > Email Properties

    Outbound S/MIME configuration

    For encryption, you must upload the email certificate for the recipients in PEM format and the CA certificates for the issuing authority. For more information, see Upload an email certificate and Upload a CA certificate.

    For signing, you must upload the email account key pair in P12 format. For more information, see Import an S/MIME key pair.

    Table 1. Outbound S/MIME configuration properties
    Configuration Related property
    Digitally sign your outbound emails. email.outbound.smime.signing.enabled
    Send a public certificate in the outbound email. email.outbound.smime.signing.send_public_cert
    Encrypt message contents and attachments. email.outbound.smime.encryption.enabled
    Encryption algorithm. Select AES-CBC or AES-GCM.
    Note:
    Before selecting AES-GCM, check whether GCM is supported by the client for S/MIME.
    		 email.outbound.smime.encryption.algo

    Inbound S/MIME configuration

    For decryption, you must upload the email certificate for the recipients in PEM format and the CA certificates for the issuing authority. For more information, see Upload an email certificate and Upload a CA certificate.

    For signature verification, you must upload the email account key pair in P12 format. For more information, see Import an S/MIME key pair.

    Table 2. Inbound S/MIME configuration properties
    Configuration Related property
    Verify the signature for inbound emails. email.inbound.smime.verify_sign
    Decrypt inbound emails. email.inbound.smime.decrypt

    Enable S/MIME for email notification form

    To digitally sign or encrypt your emails, go to All > Email > Notifications, select New and select the Digitally sign your emails check box for digitally signing emails and Encrypt emails check box for email encryptions.

    Figure 1. Enable S/MIME for email notification form
    Enable S/MIME for email notification form

    For more information, see Create an email notification.

    Enable S/MIME for email client

    In the compose email form, select the Digitally sign your emails check box for digitally signing emails and Encrypt emails check box for email encryptions.

    Figure 2. Enable S/MIME for email client
    Enable S/MIME for email client