This guide is optimized for installing and using certificates with Microsoft Outlook 2016 to sign and encrypt emails. You can find this guide at https://www.globaltrust.eu/static/outlook-anleitung.pdf
In order for signers to be able to create valid signatures when sending emails, the necessary private keys and certificates must be installed in the Microsoft certificate management. The installation process is required once for the Signator.
If the mail recipient has a current Microsoft operating system (including the updates recommended by Microsoft), no activities are required on his part. Signed emails are recognized automatically. Troubleshooting certificate usage in Outlook.
The documentation also contains instructions on how to use the GLOBALTRUST LDAP server and help on setting up an Outlook account for the first time.
The documentation also includes previous guidance for Outlook 2013 and Outlook 2007/2010.
Quick installation for experienced users
- Download the PKCS#12 file from GLOBALTRUST and install it in the Windows certificate manager with a double-click
- In the Outlook options select the settings for the trust center
- Under E-mail security select “Settings…” for Encrypted e-mail messages
- Select signature and encryption certificate, switch hash algorithm to “SHA256”.
Compose a new message
Show options ribbon
Press the Sign or Encrypt button → Send
To encrypt a message, a certificate from the recipient is required (see documentation)
GLOBALTRUST creates private key and certificate
If GLOBALTRUST creates the private key and issues the certificate, the signer receives a single file in PKCS#12 format (.P12 extension) that contains the private key, their own certificate and all information on the certification path.
After successful installation (see below) you will receive a certification path that looks like this:
“GLOBALTRUST” → “GLOBALTRUST CLIENT 1” → “your end user certificate” or
“GLOBALTRUST 2015 ” → “GLOBALTRUST 2015 CLIENT 1” → “your end user certificate” or
“GLOBALTRUST 2020 ” → “GLOBALTRUST 2020 CLIENT 1” → “your end user certificate”
Note: due to specific requirements, other certificate chains are also possible, but they all start with GLOBALTRUST.
Certificate usage in Outlook with multiple email addresses
Outlook only accepts certificates for signing e-mails that contain exactly the same e-mail address as the active user account. If someone wants to sign at different email addresses, then he needs several certificates. You can find out how to display the certificates here.
You might be interested in that
Sign and encrypt emails using an Apple iPhone
User guide for signing and encrypting emails with the GLOBALTRUST CLIENT certificate on your Apple iPhoneAs of May 10, 2023 1 Basic 1.1 Goals of this document A step-by-step guide on how to add the certificate to your iPhone to then sign and/or encrypt emails. This guide was created for an Apple iPhone (iOS version:...
Sign and encrypt with the UPC token in Outlook
User guide for signing and encrypting emails using the GLOBALTRUST UPC token V2.0 (issued from May 15, 2023) in Microsoft Outlook.As of May 9, 2023 1 Basics 1.1 Goals of this document A step-by-step guide on how to add the certificate in Microsoft Outlook to sign and/or encrypt emails.These instructions were created...
On letters, stamping and (e-)seals
On letters, stamping and (e-)seals Still stamping or already sealing? Fully automated and at the highest security level? If no, you should think about it: You can use the electronic seal as a digitization turbo and make it the central game changer of your organization. Did you know that there are administrative...