Page 3 – Setting Up S/MIME on iOS

Now We Can Set Up S/MIME on iOS

Once you install the certificate, you’ll need to set up S/MIME to enable encrypting email with iOS Mail. Go to the Settings app, then choose Mail, followed by the account you installed the certificate for. Next, tap on the email address next to Account to get into those settings.Next, tap the Advanced menu item. Now, toggle S/MIME on, if it isn’t already. Then tap Sign.

Configure <a href=iOS 14 for Encryption 1" width="2400" height="1372" srcset="https://www.macobserver.com/wp-content/uploads/2017/03/Configure-iOS-14-for-Encryption-1.jpg 2400w, https://www.macobserver.com/wp-content/uploads/2017/03/Configure-iOS-14-for-Encryption-1-300x172.jpg 300w, https://www.macobserver.com/wp-content/uploads/2017/03/Configure-iOS-14-for-Encryption-1-1024x585.jpg 1024w, https://www.macobserver.com/wp-content/uploads/2017/03/Configure-iOS-14-for-Encryption-1-768x439.jpg 768w, https://www.macobserver.com/wp-content/uploads/2017/03/Configure-iOS-14-for-Encryption-1-1536x878.jpg 1536w, https://www.macobserver.com/wp-content/uploads/2017/03/Configure-iOS-14-for-Encryption-1-2048x1171.jpg 2048w, https://www.macobserver.com/wp-content/uploads/2017/03/Configure-iOS-14-for-Encryption-1-400x229.jpg 400w, https://www.macobserver.com/wp-content/uploads/2017/03/Configure-iOS-14-for-Encryption-1-1200x686.jpg 1200w, https://www.macobserver.com/wp-content/uploads/2017/03/Configure-iOS-14-for-Encryption-1-600x343.jpg 600w" sizes="(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px" />

Enabling encryption on iOS 14 Mail

Toggle Sign on, and select the proper certificate. If you only installed one certificate, there will only be one listing here. Your iOS device ticks it by default if you only have one certificate. Then tap on Advanced again to go back to the previous menu. To enable encryption, you’ll need to visit Encrypt by Default, even if you don’t want to automatically send encrypted emails. Tap that option, beneath Sign. Turn on Encrypt by Default. You should do this even if you don’t plan to send encrypted emails all the time. Next, select the correct certificate. If you don’t want to automatically encrypt your emails, you can safely toggle this off now. For whatever reason, not performing this step leaves iOS Mail confused as to which identity certificate to use in encrypting email.

Configure iOS 14 for Encryption 2

Turning on encryption options in iOS 14 Mail

Once you’ve followed the previous step, tap Advanced and then Account. To finalize everything, tap Done in the upper right corner.

Configure iOS 14 for Encryption 3

Finally, go back to the Account pane and tap Done

Next: Multiple Email Addresses, Exchanging Certificates, Sending Encrypted Email

Subscribe
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

14 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Vito

This article worked great for the Mail app in iOS 10.x, but then Apple released iOS 11 and blew everything up. It would be most helpful if an updated version of this article for iOS 11 couild be posted.
Thanks!

EasyPGP

You can get pgp encryption for iOS by using the EasyPGP app. It integrates with the iOS keyboard so you can have pgp everywhere, with any email client with just 2 clicks. iPad and iPhone compatible

Vito

Many thanks for this article. It’s a great help for those of us who need to set up encrypted mail on iOS and can’t use Apple’s Configurator 2 utility to do it. @khurt: The procedure described in the article above isn’t “doing it wrong”. It’s currently the only way that makes it possible to set up encrypted mail in iOS for anyone who is using anything other than macOS 10.12.2. In my case, I’m in the middle of a project on my Mac Pro (running Yosemite 10.10.5) that will extend to December. Alas, thanks to the tyranny of the App… Read more »

Your’re doing it wrong. I wrote this in 2011 but it still works.

https://islandinthenet.com/ios-5-secure-mail/

Video how to configure S/MIME for free (and renewable) Fossa X.509 certificates either on Mac https://www.youtube.com/watch?v=Fyc5YW3BS0Y iOS https://www.youtube.com/watch?v=beQM4nLWGxs&t=49s and to exchange email with web Gmail.

Scott B in DC

Nice article for the geeks, but this highlights what is wrong with the system: could I get my father to follow along in order to send private messages in email?

Until someone comes up with a way for anyone to use encrypted email without having a computer science degree, it’s a kludge.

(I know… my inner curmudgeon is showing)

Oh, I see how to do it. 1) it does have to be in the Login keychain, 2) select the My Certificates category, and 3) twist down the triangle next to the certificate and select the key inside the certificate. That will export a p12 file. Oddly, once I’ve done this I can export directly from the certificate too.

@jjcyr Butts: Thanks for the tip. 1) the instructions that you linked to suggest putting the cert in the System keychain, and 2) exporting from the Login keychain also does not allow p12 export.

Nice piece. Thanks for putting it together. However the p12 file type export option is gray and unavailable on my Mac, so I’m stuck.

MrJosefKafka

Thanks a great piece, would love to see a “how to” for Mac mail.

Thanks again