If you use the Mail app on your Mac for work, or just want more security in your messages, then you will want to look at encrypting them. But how do you do this in Mail for Mac? It's a little complex, but we'll show you how to do so in this guide.
- How do I obtain a personal certificate?
- How to send digitally signed and encrypted emails on Mail for Mac
- How to receive digitally signed and encrypted emails on Mail for Mac
How do I obtain a personal certificate?
Before you are able to start sending and receiving encrypted emails, you will need to have a personal certificate in your Keychain. To get one, do the following:
- Launch Keychain Access on your Mac (Macintosh HD > Applications > Utilities > Keychain Access).
- Click Keychain Access in the menubar.
- Hover over Certificate Assistant and click Request a Certificate From a Certificate Authority.
- Fill out the request form with your own information.
- For CA Email Address, you should check services like VeriSign, Inc. or RSA Data Security Inc. These are companies that verify the identities of computers on a network and issues certificates.
- Choose whether or not you want the certificate emailed to the CA or Saved to Disk.
- Click Continue.
- If you chose Saved to Disk, specify the location to save to.
- Locate the certificates and open them with Certificate Assistant.
- Select the Issuing CA from the drop-down menu.
- You can choose to override the defaults if need be.
- Click Continue.
- Select the Create a certificate for yourself option.
- Click Continue.
- Double check the information, and then click Create.
- You should select Self Signed Root as the default.
- Certificate type should be S/MIME (Email).
- It will prompt you for confirmation. Click Continue.
- Your certificate has been created, so click Done.
Once you create your certificate, it is automatically added to Keychain.
How do I send digitally signed and encrypted emails on Mail for Mac
When you have your certificate, it means that your recipients can verify you as the sender, adding another layer of security. However, to send encrypted messages, the recipient's certificate must be in your keychain.
- Launch Mail on your Mac.
- Click on the Compose button, or File > New Message to create a new message.
- In the From field, click and choose the email account that you have a personal certificate for in your keychain.
- In the subject line, there will be a checkmark box at the end on the account with a certificate. Click the checkmark button to turn on your digital signature.
- Address the email message to your recipients.
- The Encrypted symbol (closed lock) will appear next to the Signed icon if you have a certificate for every single recipient that the message is being addressed to.
- If you do not have the certificate for all recipients, then the message must be sent unencrypted.
How to receive digitally signed and encrypted emails on Mail for Mac
Again, remember that you need to provide senders with your own verified certificate in order to receive encrypted messages.
Mail for Mac has a Security field in the header area that indicates whether a message is signed or encrypted.
- For signed messages, you will see a signed icon (checkmark) in the header. If you need to, just click the icon to view certificate details.
- Messages that are altered after they've been signed will have issues with verification.
- For encrypted messages, a lock icon appears in the header. If you have your private key in Keychain, the message will be decrypted for viewing. Otherwise, it won't be decrypted.
Always have these necessities on-hand(opens in new tab)
Seagate Backup Plus Slim 1TB (opens in new tab) ($50 at Amazon)
You should always be backing up your computer. This Seagate portable drive goes up to 5TB in space and will work flawlessly with your Mac. It's highly affordable, so there's no reason why you shouldn't be backing up regularly. Keep your certificate copies on this secure drive!(opens in new tab)
Gesture-based email (opens in new tab) ($99 at Amazon)
The Magic Trackpad lets you swipe and tap away with ease! This will help make managing your email easier due to easily accessible gestures.(opens in new tab)
Apple Magic Keyboard with Numeric Keypad (opens in new tab) ($139 at Amazon)
If you're going to be dealing with email all day, then make sure you have the Magic Keyboard with Numeric Keypad. It comes in the awesome space gray color, and the number pad makes it easier to type in numbers when you need them.
Having digital signatures and encryption on email may seem like a lot of extra work, but if you want security and peace of mind when it comes to important email messages, then it's the best way. After all, who wants just anyone to see their top secret plans and whatnot?
Any questions, drop them in the comments and we'll do our best to help.
Christine Romero-Chan has been writing about technology, specifically Apple, for over a decade at a variety of websites. She is currently the iMore lead on all things iPhone, and has been using Apple’s smartphone since the original iPhone back in 2007. While her main speciality is the iPhone, she also covers Apple Watch, iPad, and Mac when needed.
When she isn’t writing about Apple, Christine can often be found at Disneyland in Anaheim, California, as she is a passholder and obsessed with all things Disney, especially Star Wars. Christine also enjoys coffee, food, photography, mechanical keyboards, and spending as much time with her new daughter as possible.
"Having digital signatures and encryption on email may seem like a lot of extra work, but if you want security and peace of mind when it comes to important email messages, then it's the best way" Not really, the best way is to not use email. There are an abundance of messaging services that allow encrypted messaging and file sending with zero configuration. Email was never made to support encryption, which is why it's so complicated, and most importantly, definitely not the best way of secure messaging
Other than iMessage to iMessage, to which messaging services are you referring? Thanks!
Telegram, Signal, Slack, Dust. In fact, most modern messaging services have end-to-end encryption nowadays, even WhatsApp although I wouldn't trust WhatsApp in particular.
Hello everyone, im from Missouri USA, I have been struggling looking for a means of getting a loan for the past 4 months, I have searched a lot of companies. I needed a loan of $47,000 to set up a business and settle my bills as well as take care of my children. But not until I was referred to one Mr George Negga of George negga guarantee loan with Contact email@example.com by Mrs Renee Craig a member of my church. So I decided to apply and to my surprise I was granted and funded my desired loan amount as I have applied for. I want to use this platform to reach out to everyone out there in need of a loan to contact then https://georgenegga.wixsite.com/guaranteeloan/contact . They are reliable God bless you.
The part on entering a CA (Certificate Authority) Email Address is a bit murky. Where in their websites (i.e. Verisign or RSA) would you find those email addresses? Is there a procedure to have your computer(s) vetted?
Get the best of iMore in in your inbox, every day!
Thank you for signing up to iMore. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.