Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

S\MIME Encryption on Outlook

Posted on 2016-08-14
12
Medium Priority
?
110 Views
Last Modified: 2016-09-24
hello,

We have enabled S\MIME encryption on outlook for some users but we are facing issue once we send signed message or encrypted that it is received as attachment. can we solve this ?

Regards,
0
Comment
Question by:fadyaz
  • 4
  • 2
  • 2
  • +2
11 Comments
 
LVL 15

Expert Comment

by:Alexei Kuznetsov (Outlook MVP)
ID: 41755584
What email clients are on the recipient side?
0
 
LVL 2

Author Comment

by:fadyaz
ID: 41755587
Outllok on windows

It is happened with all clients recipients on windows or phone.
0
 
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 41758733
have you exchanged public keys? The recipient must have your public key
0
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

 
LVL 65

Assisted Solution

by:btan
btan earned 1000 total points (awarded by participants)
ID: 41763995
On mobile check
Enable S/MIME on the device

From the Windows Phone device perform the following steps:

Open the company email account.

Tap the … to open the menu window.

Tap settings.

Tap sync settings.

To sign messages with S/MIME, slide the Sign with S/MIME bar to the On position.

To encrypt messages with S/MIME, slide the Encrypt with S/MIME bar to the On position.

Tap the Check mark to save the sync settings.
https://msdn.microsoft.com/en-us/library/dn643699.aspx

Also check the EAS setting

Exchange ActiveSync mailbox policies let you apply a common set of policy or security settings to a user or group of users.

Enable S/MIME for Exchange ActiveSync following these steps:

Open the Exchange Management Shell
Run the command Get-Mobile

Verify that the policy settings in the following table are configured:
....
see any specific exchange errors and see if the user can to themselves to test as well.
0
 
LVL 41

Assisted Solution

by:noci
noci earned 500 total points (awarded by participants)
ID: 41764211
Before you can encrypt you need to exchange public keys. And all devices you want to transmit from needs the private key for the mail address.

Be careful with hosted services, the SMTP sending device needs the keys, with hosted services the device is owned by the hoster (so it conectent is accessible to the hoster) , that hoster can disguise as you indistinguishable from you. So there is never security there, for some things like confidentiality the cloud, as such, is not a solution.
IMHO Windows 10 devices count as hosted devices as Microsoft reserved the right to upload anything from your device, that might include the private keys needed for encryption.
0
 
LVL 65

Assisted Solution

by:btan
btan earned 1000 total points (awarded by participants)
ID: 41764250
Do ensure the below certificate are installed e.g.
- Trusted root CA certificate (Computer certificate store - Root)
- User certificate (Include email address in subject name, Email address, User principal name (UPN)) stated in the cert and for your account cert store in the Certificates – Current User)

As a whole you need to setup the digital ID, based on how you get the certificate, you can provision SMIME as per the link

http://searchexchange.techtarget.com/tutorial/Using-S-MIME-in-Microsoft-Outlook
0
 
LVL 84

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 500 total points (awarded by participants)
ID: 41764483
The easiest way to exchange keys is for each user in the conversation to send a signed message and each recipient double clicks the certificate and installs it.
0
 
LVL 2

Author Comment

by:fadyaz
ID: 41782461
is this working on mac also?
0
 
LVL 41

Assisted Solution

by:noci
noci earned 500 total points (awarded by participants)
ID: 41784379
If S/MIME is supported by your mail package Yes.
After the association of the email address with a public key (using a signed message)
Encryption can be used.  Note that your private key should always be with you, and never be uploaded to some web-based service unless you control (have physical owner ship & posession) of the system the service is placed on.
0
 
LVL 65

Accepted Solution

by:
btan earned 1000 total points (awarded by participants)
ID: 41784510
Mac outlook client support SMIME as long as you import the certificate (PFX for containing private key) into the Mac Keyring.

https://technet.microsoft.com/en-us/library/jj984223(v=office.16).aspx
0
 
LVL 65

Expert Comment

by:btan
ID: 41813551
As shared and advised in the post.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Still wondering grappling over to strengthen your password, worry no more. Choose a Strong Passphrase instead though second factor is highly recommended. Read on more on the how-to and tips to enhance your "password" using easier to remember passphr…
Often, the users face difficulty in accessing Outlook 2016 PST files on Windows 10 computer. One of the reasons behind it is the improper functioning of MS Outlook when the user tries to open it. MS Outlook suddenly stops working, or it will not op…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question