Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


Emails signature / encryption with Microsoft Outlook

If you are using Outlook 2003 or higher, the certificate installed in Internet Explorer will be available for use in Outlook 2003. You'll then only have to activate the certificat use in Outlook.

Set-up

To do so on Outlook 2003:

  • Choose Tools / Options / Security and:
  • Tick: Add digital signature to outgoing messages
  • Tick: Send clear text signed message when sending signed messages
  • Untick: Encrypt contents and attachments for outgoing messages

To do so on Outlook 2007:

  • Choose Tools / TrustCenter / Email Security and:
  • Tick: Add digital signature to outgoing messages
  • Tick: Send clear text signed message when sending signed messages
  • Untick: Encrypt contents and attachments for outgoing messages
  • You can also import or export a digital certificate from here.
Outlook use by default the certificate saved in the Windows store and that is matching the e-mail address of the Outlook account.

Some former versions of Outlook (2000) cannot select automaticaly a certificate. In taht case:
  • Choose Tools / Options / Security / Setup Secure E-mail
  • Click the Choose button in the Signing Certificate section to select a certificate to use for e-mail digital signatures. Click OK.
  • click the Add digital signature to outgoing messages option

Run a test: Send a signed e-mail with Microsoft Outlook

Outlook is now ready, you can run a test by sending a signed message to our robot: tag-smime-demo-en@tbs-internet.com

If the test is negative because the outgoing message has not been signed, try to use the Settings button to indicate which certificate to use.

Error messages you might encounter

I get an error message when I try to send an encrypted or a digitally signed message.
  • « Microsoft Outlook a rencontré des problèmes pour crypter ce message : les certificats des destinataires suivants étaient absents ou non valides ou les fonctionnalités de cryptage étaient conflictuelles ou non prises en charge »
    you have certainly tried to send encrypted messages without having a copy of a valid certificate for the recipient. Has this recipient ever sent you a signed (and unencrypted) email with their latest certificate? If you have multiple contacts for the recipient, you should send the email to the contact to the contact who has the certificate.

    Scénario 1 You have an external partner with an invalid or expired certificate in AutoComplete. This partner is not in other locations or address books. Then, you send an encrypted e-mail message and select this partner from AutoComplete.

    Scénario 2 Office Outlook 2007 is configured to work offline. Therefore, address books are not available. In this case, you send an encrypted e-mail message and select a name from AutoComplete.


  • "The chosen security policy does not allow the use of one of the certificates of this security profile".
    this means that the certificate defined in your default security settings has expired or has become invalid or your security policy rejects your certificate.
    If you have configured your security options to use labels for each message you send, Auto Configure will not automatically notify you that your certificate has become invalid. To have Auto Configuration notify you of problems with your default certificates, in the Tools menu, click Options, then on the tab Security tab. Click Settings, and then click Security Labels. In the list Policy module list, click None. If your security system does not allow you to choose None, contact your system administrator to obtain the appropriate certificates for your system.

Useful links