Step 2: Configure Secure Secure Email Standard End-User Guide Version: 1.0.3 Effective Date: 12-Mar-2014 Prepared by: Ward Anderson Hal Birkeland Vicki Rumford
Certificate Installation Instructions This section describes how to obtain your PKI HON Public Identity certificate for use with secure email and email encryption. 1. Click the HON Public Identity link to begin. 2. The Symantec PKI Certificate Service enrollment wizard starts. 3. Click Continue. The Enrollment Information screen displays. 4. Complete the Username and Password fields using your EID and LDAP password. 5. Click Continue. PKI 2 Secure Email (encryption) Standard End-User Guide Page: 1
6. Verify your information. If the information is valid, continue with the next steps. If it is not, discontinue this process and contact your certificate administrator. 7. Verify that HON Public Identity is listed in the Certificate nickname field. 8. Click Continue. 9. The Install Certificate screen displays. Review the installation steps. 10. Click Install Certificate. 11. At the Enter the PIN popup window, enter your Symantec PKI PIN. If you have forgotten your PKI PIN, click the Forgot your PIN link and follow the instructions to create a new PKI PIN. Note: If installing the first certificate on the laptop, you must create and confirm the PIN that will be used to access the PKI certificate. 12. Click OK. The Installing your certificate window opens, displaying the progress of the certificate installation. The PKI certificate will take approximately 30 to 90 seconds to install. 13. When the installation is completed, a message displays indicating the certificate enrollment is complete and the certificate was installed successfully. 14. Close your browser window. PKI 2 Secure Email (encryption) Standard End-User Guide Page: 2
Configure Microsoft Outlook This section describes how to use your new PKI certificate to configure Microsoft Outlook for email encryption and digital signature. 1.1 Configure Outlook 2007 and 2010 To configure Microsoft Outlook 2007 or 2010 for email encryption and digital signature: 1. Open Microsoft Outlook and select Tools > Trust Center. 2. Select the E-mail Security option from the left-hand navigation menu. 3. Ensure the Send clear text signed message when sending signed messages option is selected and click Settings. 4. Click OK to open the Change Security Settings popup window: 5. Ensure all checkboxes are selected. 6. In the Certificates and Algorithms section, click the Choose button for the Signing Certificate. 7. At the Select a Certificate popup window, select the most recent HON Public Identity certificate. PKI 2 Secure Email (encryption) Standard End-User Guide Page: 3
8. Click OK to close the Select a Certificate popup window. 9. Ensure that SHA1 is selected for the Hash Algorithm dropdown list for the Signing Certificate. 10. Click the Choose button for the Encryption Certificate. 11. At the Select a Certificate popup window, select the most recent HON Public Identity certificate. 12. Click OK to close the Select a Certificate popup window. 13. Ensure that AES (256-bit) is selected for the Encryption Algorithm dropdown list. 14. Click OK to close the Change Security Settings popup window. 15. Restart your computer to save the configuration changes. Microsoft Outlook 2007 or 2010 is now configured to send and read encrypted emails. PKI 2 Secure Email (encryption) Standard End-User Guide Page: 4
1.2 Configure Outlook 2013 To configure Microsoft Outlook 2013 for email encryption and digital signature: 1. Open Microsoft Outlook 2013 and select File > Options to open the Account Information window: 2. Select Options from the left-hand navigation pane to open the Outlook Options window: 3. Select the Trust Center option from the left-hand navigation menu. 4. Click OK on the Outlook Options window (shown above) to open the Trust Center window: 5. Select the E-mail Security option from the left-hand navigation menu. PKI 2 Secure Email (encryption) Standard End-User Guide Page: 5
6. Click OK to open the E-mail Security options: 7. Ensure the Send clear text signed message when sending signed messages option is selected, and click Settings to open the Change Security Settings window: 8. Ensure all checkboxes are selected. 9. In the Certificates and Algorithms section, click the Choose button for the Signing Certificate. 10. At the Select a Certificate popup window, select the most recent HON Public Identity certificate. 11. Click OK to close the Select a Certificate popup window. 12. Ensure that SHA1 is selected for the Hash Algorithm dropdown list. 13. Click the Choose button for the Encryption Certificate. 14. At the Select a Certificate popup window, select the most recent HON Public Identity certificate. 15. Click OK to close the Select a Certificate popup window. 16. Ensure that AES (256-bit) is selected for the Encryption Algorithm dropdown list (see image above). 17. Click OK to close the Change Security Settings popup window. 18. Restart your computer to save the configuration changes. Microsoft Outlook 2013 is now configured to send and read encrypted emails. PKI 2 Secure Email (encryption) Standard End-User Guide Page: 6
Revision History Revision Revision Date Summary of Changes Made Changed By Number 1. 7 OCT 2014 Corrected the Verify your Information image to show PKI Public certificate. Vicki Rumford 2. 6 MAR 2015 Updated Windows 2013 details Vicki Rumford PKI 2 Secure Email (encryption) Standard End-User Guide Page: 7