This guide is optimized for installing and using certificates with Microsoft Outlook 2016 to sign and encrypt emails. You can find this guide at https://www.globaltrust.eu/static/outlook-anleitung.pdf
In order for signers to be able to create valid signatures when sending emails, the necessary private keys and certificates must be installed in the Microsoft certificate management. The installation process is required once for the Signator.
If the mail recipient has a current Microsoft operating system (including the updates recommended by Microsoft), no activities are required on his part. Signed emails are recognized automatically. Troubleshooting certificate usage in Outlook.
The documentation also contains instructions on how to use the GLOBALTRUST LDAP server and help on setting up an Outlook account for the first time.
The documentation also includes previous guidance for Outlook 2013 and Outlook 2007/2010.
Quick installation for experienced users
- Download the PKCS#12 file from GLOBALTRUST and install it in the Windows certificate manager with a double-click
- In the Outlook options select the settings for the trust center
- Under E-mail security select “Settings…” for Encrypted e-mail messages
- Select signature and encryption certificate, switch hash algorithm to “SHA256”.
Compose a new message
Show options ribbon
Press the Sign or Encrypt button → Send
To encrypt a message, a certificate from the recipient is required (see documentation)
GLOBALTRUST creates private key and certificate
If GLOBALTRUST creates the private key and issues the certificate, the signer receives a single file in PKCS#12 format (.P12 extension) that contains the private key, their own certificate and all information on the certification path.
After successful installation (see below) you will receive a certification path that looks like this:
“GLOBALTRUST” → “GLOBALTRUST CLIENT 1” → “your end user certificate” or
“GLOBALTRUST 2015 ” → “GLOBALTRUST 2015 CLIENT 1” → “your end user certificate” or
“GLOBALTRUST 2020 ” → “GLOBALTRUST 2020 CLIENT 1” → “your end user certificate”
Note: due to specific requirements, other certificate chains are also possible, but they all start with GLOBALTRUST.
Certificate usage in Outlook with multiple email addresses
Outlook only accepts certificates for signing e-mails that contain exactly the same e-mail address as the active user account. If someone wants to sign at different email addresses, then he needs several certificates. You can find out how to display the certificates here.
You might be interested in that
While digitization reached almost every aspect of daily work, the necessity for handwritten signatures in B2B environments preserves printing paper its crucial role – and incurs costs. However, by implementing e-signatures, businesses can reduce expenses, streamline processes, and contribute to a more sustainable...
QES & Competition Law – European Commission to require electronic signatures from 1st September, 2023
To further simplify merger control procedures and in line with its overall digital strategy, the European Commission has published a number of revised legal texts, including one that will make electronic transmission of electronically signed documents the default method from 1 September 2023. Read on to find out...
User guide for signing and encrypting emails with the GLOBALTRUST CLIENT certificate on your Apple iPhoneAs of May 10, 2023 1 Basic 1.1 Goals of this document A step-by-step guide on how to add the certificate to your iPhone to then sign and/or encrypt emails. This guide was created for an Apple iPhone (iOS version:...