Is SSC better than CA.

Configuration of Outlook 2010, 2013 & 2016

For these instructions you must have already submitted the application form to the KIT-CA, picked up the certificate and created a backup.

Since Outlook uses the Windows certificate store, you should have applied for the certificate beforehand using Internet Explorer on the same computer with the same account / profile (then please follow the instructions below), or you should have imported the certificate beforehand.

If you have applied for the certificate on a different computer but with Internet Explorer and have not yet created a backup of the certificate, please return to the following step:
If you applied for the certificate with Firefox (regardless of which computer) but have not yet created a backup, please go to the following page and go through the steps there:
If you have already created the backup of the certificate (but on another computer or with Firefox) and not yet familiarized with the Windows certificate store, please return to the following step: (Import the backup into the Windows certificate store)

To use the imported certificates, it is necessary to configure the mail program accordingly before e-mails can be signed or encrypted.

Open your Outlook program. Then under File Options select the Security Center tab. There you select the Settings button for the Security Center at the bottom right, then select the E-Mail Security tab.

 

Outlook options in Outlook 2013:

In Outlook 2013, select the Trust Center tab under File Options instead. There you select the Settings button for the Trust Center at the bottom right, then select the E-Mail Security tab.

Then (for Outlook 2010 and 2013) set the following tick in the section Encrypted E-Mail Messages:
  • Encrypt content and attachments for outgoing messages. (Optional)
  • Add signature to outgoing messages. (Optional)
  • Send signed messages in clear text

and select the Settings button.

  • Apply the following settings and confirm the dialog with OK:

    • Give the security setting an appropriate name.
    • Cryptography format: S / MIME
    • Tick ​​at: Standard setting for this format of cryptographic messages and
    • Default security setting for all cryptographic messages
    • Signature certificate: Click the Select button, confirm your selection with OK
    • Hash algorithm: SHA256
    • Encryption certificate: Click the Select button, select the correct certificate and confirm your selection with OK
    • Encryption algorithm: AES (256-bit)
    • Check mark next to: Add these certificates to signed messages
  • If you ticked Add digital signature (optional) to outgoing messages in the previous step, your e-mails will be signed automatically.

    In the Options ribbon, you can sign your e-mail by clicking on Sign (the button is highlighted in color.

    By pressing the Sign button again (the button is no longer highlighted in color), the e-mail is sent unsigned.

    In the Options ribbon, you can encrypt your e-mail by clicking on Encrypt (button is highlighted in color).

    By pressing the Encrypt button again (button is highlighted in color), the email is sent in encrypted form.

    Note:

    So that others can send you an encrypted e-mail, they need your certificate. You can transmit this, among other things, by sending a signed mail. If you use Outlook on your KIT workstation, the public certificates are updated once a day in the global address memory (Exchange GAL).