Secure Email Encryption Solutions

S/MIME Certificates

Using encryption and digital signatures, Secure/Multipurpose Internet Mail Extensions (S/MIME) certificates ensure email security, confidentiality, and integrity. The S/MIME certificate uses the recipient’s public key to encrypt the message and only the intended recipient’s private key can decrypt the message. This allows the sender to be confident that the signed email message will only be read by the intended party, and the receiver to verify the integrity and claimed origin of the message.

It’s crucial for both businesses and individuals to secure email communications and ensure message integrity. Whether you’re an individual, startup, small business, or enterprise, Sectigo offers S/MIME email certificate options that will meet your needs.

Sectigo is a leading S/MIME certificate provider and our secure email certificates are supported by all major mail applications including Microsoft Outlook, Exchange, Apple Mail, popular mobile operating systems, and more.

40%

of Fortune 1000
companies use Sectigo

Personal Email Security (S/MIME)

Used for personal email

$15

Up to 20% off with multi-year

Enables end-to-end encryption of emailsDigitally sign emails to prevent email fraudSupported by Microsoft Outlook, Apple Mail and other popular email clientsEnables digitally signing Microsoft Office files (docx, pptx, xlsx etc.)Validates email address onlyFree online, phone, email and chat support

4.8

Save Time and Money with a Multi-Year Certificate

Securing your email just got easier. With coverage ranging from 1-2 years, Sectigo's multi-year plans provide instant savings and consistent coverage in a simplified, long-term solution. Secure email certificates from Sectigo guarantee you get our best price, locked in for 2 years.

Requirements and Issuance

Leveraging numerous sophisticated security features, S/MIME email certificates give users the confidence to trust their digital correspondence and avoid many of today’s attacks on enterprise email users and infrastructure. In order to enable this authentication process, there are certain steps to be aware of when ordering and receiving your Sectigo S/MIME certificate. Learn more about requirements, prerequisites, and the issuance process.

A desktop or laptop computer is recommended for collecting your email signing certificate (as opposed to a mobile phone or tablet).

Certificates can be ordered using any modern browser, such as Firefox, Edge, Chrome, Opera, or Safari.

Use the same system for ordering and collecting the certificate in pkcs12 format. The private key is stored in the Crypto store of the machine from which the order was placed. The PKCS 12 file is protected using a password and can be transferred securely to other systems.

When ordering a Sectigo secure email certificate, you must submit a Certificate Signing Request (CSR).

A CSR (PKCS#10) is a standardized way to request signed certificates from a certificate authority. A CSR is a file that contains the public key of the subject of the certificate along with other certificate attributes like Subject Name, Public Key Algorithm, etc.

You can submit a CSR that you created yourself, or it can be generated for you on the Sectigo website during the order process.

The process for ordering and collecting your certificate has four stages:

Order the certificate. At checkout, enter the registered domain of your email address (the part after the @) in the Primary Domain field. For example, for [email protected]
you would enter example.com
Request the certificate. You must provide your personal details for the certificate, along with a CSR.
Download the certificate.
Install the certificate.

Note: Due to the validation requirements, there may be a delay between when you place your order and when you receive your certificate.

Once the order is submitted, it is validated by Sectigo. While it is being validated, the order status is Pending.

An order confirmation email will be sent to your registered email address, where you can use the Validation Manager button to check the status of your order.

Once the order has been approved, its status will change to Active. You can proceed to create the certificate request.

Intuitive Dashboard

In our customer dashboard, you'll be able to view all products you have with Sectigo, view their lifecycle status, issue or reissue, and renew expiring certificates, saving you time and fear that an expired certificate may down your site at an unexpected time.

How they work

S/MIME certificates work by using asymmetric encryption. When an email is sent, the sender encrypts the contents with the recipient's public key; only the recipient’s private key can then decrypt the message, ensuring confidentiality. Similarly, SMIME certificates can be used for digitally signing an email. In that case, the private key is used for signature creation based on the email content, which verifies the authenticity of the message and confirms that the contents are unaltered.

Diagram showing how an S/MIME certificate works to secure email communications

Trusted by Leading Brands Globally

Securing some of the world’s largest and best-known brands.

FAQs

Have another question?

Reach us by chat in the lower-right corner.

S/MIME stands for Secure/Multipurpose Internet Mail Extensions. This type of digital certificate enables users to secure the integrity and privacy of their emails. Its encryption process authenticates the message and ensures that the email has not been tampered with by an outside party.

A digital signature attached to an email message offers another layer of security and provides additional assurance to the recipient that you—not an impostor—signed the contents of the email message. Your digital signature, which includes your certificate and public key, originates from your digital ID. That digital ID serves as your unique digital mark and signals the recipient that the content hasn't been altered in transit.

Internet Explorer and Firefox ESR (version 68.x or earlier) are the recommended browsers for initiating an email certificate request.

In order to request an email certificate, the browser must support a key generation mechanism that is supported by the server. Currently, Chrome and Edge browsers do not support this function, and therefore, are unable to initiate an email Certificate request.

Still Have Questions?

Our technical support team is ready to assist you in selecting the right certificate for you. Our experts are helping customers 24/7/365.
Simply chat with us now or reach us at [email protected] or by phone:

United States

+1 888 266 6361

International

+1 914 732 8446

Related Resources

Listen Now

EPISODE 212

Broadcast Date:
March 28, 2022

11 minutes

Podcast Mar 28, 2022

Root Causes 212: S/MIME Limited to Three Years

On April 1 new root program requirements from Apple for S/MIME certificates go into effect, including a limitation of the allowable term to three years.

Root Causes Secure Email (S/MIME) Browsers

Tim Callan

Jason Soroko

Listen Now
Learn More

What Are the Different Types of E-Signatures?

A Blog Post from Sectigo

Blog Post Sep 09, 2021

The three different types of electronic signatures are simple electronic signatures (SES), advanced electronic signatures (AES), and qualified electronic signatures (QES). Learn about how these e-signatures work and when to use which type.

Sectigo Team | Delivering Digital Trust

Learn More
Learn More

Email Attacks - the Costliest of Cyber Crimes?

A News Article from Sectigo

News Article Jun 28, 2019

Using S/MIME email certificates across an enterprise - an efficient way of digitally signing and encrypting emails - combats spear phishing by enabling the user to confirm the true sender of an email.

Secure Email (S/MIME) Social engineering

Sectigo Team
Delivering Digital Trust

Learn More