There are various options for using electronic signature and encryption in the email area, depending on which software you are used to. Some prefer convenient e-mail clients on a PC (e.g. Microsoft Outlook, Mozilla Thunderbird) or mobile (e.g. with K-9 Mail), others like to work with webmail simply in the web browser.
A convenient way of using e-mail encryption and electronic e-mail signature on the PC is to use the e-mail client Microsoft Outlook.
The Microsoft Windows operating system stores user certificates in a central location, the Cryptographic Service Provider. Microsoft Outlook expects user certificates at this point, so you first have to check whether the user certificate is there:
The requested personal user certificate should be shown here. If this is not the case (e.g. because you did not apply for the user certificate using Microsoft Internet Explorer), you must first import the backup file created under User Certificates using the “Import …” button.
In the second step, Microsoft Outlook needs to know which certificate should be used and how:
In the third step, Microsoft Outlook should be set up for the convenient use of digital signature and encryption:
You have now carried out all the necessary steps to sign every email. If you have the public key of your communication partner, you can also encrypt every email.
Principle: Use your private key to sign your email. The communication partner can then use your public key to check whether / that data is unchanged.
Principle: You encrypt your email with the help of the communication partner's public key. The communication partner can then decrypt the email using his private key.
For encryption, you must first have the public key of the communication partner: