HowTo: e-Mail Client Software

See also ImportRootCert | FAQ/BrowserClients

This HowTo tells you how you can manually import the CAcert Root Certificate, and *.p12 / *.pfx files containing your client certificates with your corresponding private keys), in your e-mail client software.

Expected Result: You can use S/MIME or PGP/GPG siganture and encryption using CAcert-issued certificates.

Android

DJIGZO

DJIGZO has two separate key stores: "Certificates & Keys" for your personal keys (and intermediary certificates). But CA root certificates go into "Root certificates". So when your CA certificate is a (self-signed) root certificate, you have to add it to "Root certificates", choosing "Store to import to: root". This is in contrast to your (intermediary or end-user) certificates which are signed by a CA; they go into "Certificates & Keys" by choosing "Store to import to: certificates".

see also here: https://lists.cacert.org/wws/arc/cacert/2012-12/msg00009.html

R2Mail2

For S/MIME encryption and/or signing, there is the Android app R2Mail2, which is a fully functional e-mail client. Unfortunately, it costs 4,80 Euros (for the license; otherwise you only see 5 messages per folder for demo). R2Mail2 is still being developed and further improved. I already find it much better than the default Android mail client. It does not have as many features as K-9 mail, but it fully supports S/MIME (and to some more limited degree also PGP).

see also here: https://lists.cacert.org/wws/arc/cacert/2012-12/msg00009.html

FairEmail

This client is available on Google Play and is able to sign and encrypt messages. The program supports both S/MIME and PGP.

The client needs you to install your certificate with the corresponding private key, preferably from the backup file *.p12 / *.pfx (file icon: fingerprint) and, certainly, to install CAcert root certificates (these may also be in the same file).

Installing these files into the Android system of higher versions (5+) is described elsewhere; links are presented at the beginning of this article. If you receive mail from the same source on multiple devices, you must ensure that your *.p12 / *.pfx file contains the same private key and the corresponding certificate you are using in email clients elsewhere. Certificate and private key are installed automatically, when you download or open the file. If you have more than one (private key & certificate) in Android system installed, you will need to select, which one the client should use to encrypt a message to send.

To decrypt the received message, you may need to press the lock icon in the header.

As with other email clients, it is also necessary to receive one unencrypted, but signed message from the person with whom you want to exchange encrypted messages. Signature (Scribar Icon) is marked in the message header and the client saves it automatically. After pressing the icon, FairEmail shows you who signed the message and other details.

iOS (iPhone, iPad)

The advantage of S/MIME is that it's built into Mail in iOS. To enable this feature, you have to go into the Settings > Account > Advanced for each e-mail account, and then enable S/MIME.

PGP/GPG in (Apple) Mail

Česky | Dansk | Deutsch | EnglishEspanolFrançais | Nederlands | Polski | Portugês

Linux

PGP/GPG in Thunderbird

S/MIME in Thunderbird

see: http://luxsci.com/blog/installing-smime-and-pgp-encryption-certificates-into-major-email-clients.html

MacOS (Macintosh)

Mac OS X includes Keychain, a built-in key and password manager, which stores user passwords, user and server certificates, and keys. Certain applications use this centralized Keychain for storing and retrieving certificate information in lieu of maintaining their own, separate certificate repositories.

The advantage of S/MIME is that it's built into Mail on the Mac.

To import your certificate-key pair:

Once imported, your certificate-key pair will appear under both the Certificates and Keys categories in the Keychain Access utility.

Apple Mail

Deutsche Anleitung

S/MIME in (Apple) Mail

see: http://luxsci.com/blog/installing-smime-and-pgp-encryption-certificates-into-major-email-clients.html

S/MIME in Entourage

see: http://luxsci.com/blog/installing-smime-and-pgp-encryption-certificates-into-major-email-clients.html

Thunderbird

see Linux

Outlook for OS X

Windows

S/MIME in Outlook 2003

see: http://luxsci.com/blog/installing-smime-and-pgp-encryption-certificates-into-major-email-clients.html

S/MIME in Outlook 2007

see: http://luxsci.com/blog/installing-smime-and-pgp-encryption-certificates-into-major-email-clients.html

S/MIME in Outlook 2010

see: HowToDocuments/Outlook%202010

Thunderbird

see Linux


CategoryCommunity CategoryConfiguration CategoryGuide CategorySoftware CategorySupport

FAQ/eMailClients (last edited 2021-04-22 07:16:01 by AlesKastner)