Encrypting Email With iOS Mail – A How-To

5
| How-To

Page 3 – Setting Up S/MIME on iOS

Now We Can Set Up S/MIME on iOS

Once you install the certificate, you’ll need to set up S/MIME to enable encrypting email with iOS Mail. Go to the Settings app, then choose Mail, followed by the account you installed the certificate for. Next, tap on the email address next to Account to get into those settings.

Getting into the account settings for your email - encrypting email with iOS Mail

In your Mail settings, choose the account you installed certificates for, then tap the account name

Next, tap the Advanced menu item.

Tap the Advanced menu option - encrypting email with iOS Mail

Tap the Advanced menu option

Now, toggle S/MIME on, if it isn’t already. Then tap Sign.

The Advanced options for an iOS Mail app account - encrypting email with iOS Mail

Turning on S/MIME support and setting up your digital signature

Toggle Sign on, and select the proper certificate. If you only installed one certificate, there will only be one listing here. Your iOS device ticks it by default if you only have one certificate. Then tap on Advanced again to go back to the previous menu.

Encrypt by Default settings - encrypting email with iOS Mail

Toggle Sign by Default on, then choose the appropriate certificate

To enable encryption, you’ll need to visit Encrypt by Default, even if you don’t want to automatically send encrypted emails. Tap that option, beneath Sign.

Navigate to the Encrypt by Default setting - encrypting email with iOS Mail

Navigate to the Encrypt by Default setting

Turn on Encrypt by Default. You should do this even if you don’t plan to send encrypted emails all the time. Next, select the correct certificate. If you don’t want to automatically encrypt your emails, you can safely toggle this off now. For whatever reason, not performing this step leaves iOS Mail confused as to which identity certificate to use in encrypting email.

Encrypt by Default settings - encrypting email with iOS Mail

Toggle Encrypt by Default on, then choose the appropriate certificate – you can turn this option off after you’ve chosen the certificate

Once you’ve followed the previous step, tap Advanced and then Account. To finalize everything, tap Done in the upper right corner.

Back to the account settings menu, where we need to tap Done - encrypting email with iOS Mail

Tap Done from the Account settings menu, or your changes won’t save

Next: Multiple Email Addresses, Exchanging Certificates, Sending Encrypted Email

11 Comments Add a comment

  1. @Jeff Butts: Thanks for the tip. 1) the instructions that you linked to suggest putting the cert in the System keychain, and 2) exporting from the Login keychain also does not allow p12 export.

  2. Oh, I see how to do it. 1) it does have to be in the Login keychain, 2) select the My Certificates category, and 3) twist down the triangle next to the certificate and select the key inside the certificate. That will export a p12 file. Oddly, once I’ve done this I can export directly from the certificate too.

  3. Scott B in DC

    Nice article for the geeks, but this highlights what is wrong with the system: could I get my father to follow along in order to send private messages in email?

    Until someone comes up with a way for anyone to use encrypted email without having a computer science degree, it’s a kludge.

    (I know… my inner curmudgeon is showing)

Add a Comment

Log in to comment (TMO, Twitter, Facebook) or Register for a TMO Account