How to sign an email with Mail

Alert!: Attention: Cet article/tutorial est ‰gé de plus de 45 jours. Ainsi les informations qu’il contient peuvent être, maintenant, dépassé. Merci de lire toutes les informations qu’il contient pour vous assurez que cet article fonctionnera bien sur votre système


FYI Mac OS X 10.3 and up-to-date Mozilla [Firefox] or Safari 1.2.4 or greater are required for this tutorial.
This tutorial updated on 20th October 2005

Digitally signing email is a way to guarantee not only that email is most definitively from you, but also guards against possible spamming claims. Add to this the ability to encrypt messages and it’s clear to see the advantages of signing your email. This tutorial shows how to start signing your email with OS X Mail.

The first part of this tutorial is to request your actual digital certificate. Thanks to the people at Thawte, this is free for everyone, and it is as simple as filling out an online form.

Go to in your browser.

Click the “Join” button at the top right of the page

You will be brought through a fairly standard enrolment process where Thawte take some information about you – state ID number, Passport Number, etc. It should be noted that this is secure and Thawte are trustworthy.

Once you have completed your signup and confirmed your email, you will be asked to login using the email and password you supplied in the enrolment stage.

Once logged in, click “Certificates” in the left menu, on the resulting page click “Request a Certificate” and following that click the button in the main area to request an X.509 format certificate.

In the resulting pop-up window, select “Netscape Communicator or Messenger” and then click request. Click Next. Choose your email address (one only if there are more then one) and click next. Once again click next, followed by Accept.

Under the Public Key heading be sure to choose 2048 (High Grade) and once again click next. Confirm that everything is correct and click “Finish”.

The next part of this tutorial is actually acquiring your certificate. In the main account area, click “View Certificate Status”. You should see you requested certificate with either a status of pending or issued. If it has been issued, click on it. View the details of the certificate and then click fetch.

If you are using Mozilla Firefox:
Once Mozilla has received the certificate, go to the Mozilla application menu and click preferences. Choose “Certificates” under the advanced tab and click the button to “Manage Certificates”. You should see your new certificate from Thawte in the list. Select it and click “Backup”. Save this file to your desktop. You can now quit Mozilla.

If you are using Safari:
The file should download to the desktop, or your download folder.

The final part of this tutorial demonstrates how to actually add this new certificate to your keychain so it can be used by Mail. In typical Apple style this is probably the most easy stage. Simply go to your desktop to where you saved the file from Mozilla and double click it. Keychain Access will open and ask you what Keychain to add it to. Personally I added it to my login one, and for most people this will be perfect – however, if you have advanced keychains feel free to add where you wish. Quit Keychain Access.

That is basically it. From now on when you compose mail with your address you will see a small tick in the top right. If this is selected the email will be signed. If you have received a signed email off someone, you will be able to reply with an encrypted email. If available you will also see a padlock beside the tick.

From now on, people will receive a “Security: Signed” header when viewing emails from you.

Leave a comment

Your email address will not be published. Required fields are marked *