Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Last Modified: 2017-05-10 13:22:06.0

How do I install my Secure E-mail Certificate (S/MIME) on Mozilla Thunderbird (on Windows OS)

Article Number: 70595

User-added image

Purpose: Secure Email (S/MIME) certificate installation guide
For Secure Email (S/MIME) certificate on Mozilla Thunderbird on Windows OS

User-added image

The installation is in four parts:
1) Installing the S/MIME certificate in the personal certificate store
2) Importing the S/MIME certificate to Mozilla Thunderbird profile
3) Signing and Encrypting Messages
4) Storing a contact's secure email certificate (S/MIME exchange)
  Part 1 of 4: Installing the S/MIME certificate in the personal certificate store
 
1. After your ECS Enterprise account administrator has approved the enterprise S/MIME request, or after you have placed your personal S/MIME order, you will be sent an email at the address listed on your request.  Select that link.

2. Accept the Client Certificate Agreement that is presented in the browser that opens when you select the certificate pick-up link.

User-added image

3. Once you have confirmed you can download the certificate, you are prompted with the below "Web Access Confirmation" pop-up. Select "Yes". The prompt is asking you to allow Entrust Datacard to perform digital certificate operations on your behalf, which is required to allow in order to complete the next steps.

User-added image

4. Your browser will prompt you to download (open or save) a .p12 file. Open the file.

User-added image

5. A Certificate Import Wizard will open. On the first prompt, select "Current User" and then Next.

User-added image

6. Confirm you wish to import the .p12 file from the location shown by selecting Next.

User-added image

7. When you requested the certificate, you were prompted to set up a password to protect the private key. Provide that password here. Also, select "Mark key as exportable..." in case you need to export your certificate in the future.

User-added image

8. Select the option "Automatically select the certificate store based on the type of certificate".

User-added image

9. Complete the Wizard by selecting Finish.

User-added image

10. Your certificate has been successfully imported to the personal certificate store.

User-added image
  1. Go to your email account profile by selecting your email address on the left-hand menu, and then to open your account settings, select  View settings for this account.

User-added image

2. Select Security and then View Certificates to open your Mozilla Thunderbird Certificates Manager.

User-added image

3. Select the Your Certificates tab and then Import.

User-added image

4. Select the .p12 file you imported in the previous section.

User-added image

5. You will be prompted to enter the password you set when you created/purchased the certificate. Enter that password.

User-added image

6. Your certificate has now been imported to your Mozilla Thunderbird email profile. It will be listed under the Your Certificates tab.

User-added image

7. Now that the certificate is imported, you must Select to activate it for your account profile. Click OK to leave the Certificate Manager. Still in Account Settings > Security under the Digital Signing section, click the Select button to activate the certificate. Do the same for Encryption.

User-added image

User-added image

You can now send digitally signed and encrypted email with this profile.
 
User-added image

A new icon, Security, will now appear in your Write message window. You can Encrypt or Digitally Sign messages by selecting either or both options.

Mail sent with a digital signature will show as digitally signed by the sender to any receiver of that email.

To be able to send and receive encrypted email with someone else, note there are some additional steps to complete.

Part 4 of 4: Storing a contact's secure email certificate (S/MIME exchange)

1. Send a signed email to a recipient. Make sure that person stores your profile so that they can retain your public key.

2. You will also need a copy of that person's public key.  Have them email you a digitally signed email. 

3. You will receive the digitally signed email as below. Digitally signed email will appear with the icon outlined in red below.

User-added image

4. To ensure you have received the sender's public key, got Account Settings > Security > View Certificates. Go to the People tab to confirm the sender's certificate has been stored.

User-added image
 
User-added imageYou can now exchange encrypted emails with that user.
If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance: ?

Hours of Operation: 
Sunday 8:00 PM ET to Friday 8:00 PM ET 
North America (toll free): 1-866-267-9297 
Outside North America: 1-613-270-2680 (or see the list below) 
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.
 

CountryNumber
Australia0011 - 800-3687-7863
1-800-767-513
Austria00 - 800-3687-7863
Belgium00 - 800-3687-7863
Denmark00 - 800-3687-7863
Finland990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)
France00 - 800-3687-7863
Germany00 - 800-3687-7863
Hong Kong001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)
Ireland00 - 800-3687-7863
Israel014 - 800-3687-7863
Italy00 - 800-3687-7863
Japan001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
Korea001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)
Malaysia00 - 800-3687-7863
Netherlands00 - 800-3687-7863
New Zealand00 - 800-3687-7863
0800-4413101
Norway00 - 800-3687-7863
Singapore001 - 800-3687-7863
Spain00 - 800-3687-7863
Sweden00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)
Switzerland00 - 800-3687-7863
Taiwan00 - 800-3687-7863
United Kingdom00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088

Affected Products:

  • Entrust Entelligence Content Control Server 8.0 English Linux
  • Entrust Entelligence Content Monitoring Server 8.0 English Linux
  • Entrust Entelligence Messaging Server 8.0 English Linux
  • Entrust Entelligence Messaging Server 8.0.1 English Linux
  • Third Party IBM eServer xSeries x306 Language Not Applicable Platform Not Applicable
  • Third Party IBM eServer xSeries x336 Language Not Applicable Platform Not Applicable