en:tp:email:security:mozilla-thunderbird
Table of Contents
Mozilla Thunderbird
Requirements
- Correct setup of the e-mail client Mozilla Thunderbird
- Valid digital User certificate
Configuration
Mozilla Thunderbird has its own certificate management and therefore does not usually use that of the operating system. Therefore, the certification authorities and the digital user certificate must be imported into Thunderbird.
Certification authorities
- Application menu (3 horizontal lines) → Settings → Privacy & Security → Certificates → Manage Certificates…
- Card Certification Authorities:
- T-Systems Enterprise Services GmbH
- T-Telesec GlobalRoot Class 2
- DFN-Verein Certification Authority 2
- Association for the Promotion of a German Research Network e.V.
- DFN-Verein Global Issuing CA
Missing certification authorities can be downloaded here and added via the button “Import…”. button.
User certificate
- Application menu (3 horizontal lines) → Settings → Privacy & Security → Certificates → Manage Certificates…
- “Your certificates” card > Import…
- Import here the file created under User certificate in the “Issue” section with the extension .p12. When prompted for a password, enter the password you chose in the “Issue” section.
Security
- Application menu (3 horizontal lines) → Account settings → <Your email account> → End-to-end encryption.
- S/MIME section
- Personal certificate for digital signature → Select…: Select your digital user certificate here.
- Personal certificate for encryption → Select…: Select your digital user certificate here.
- Section “Sending messages - default settings”:
- Do not enable encryption by default: enabled.
- Add your own digital signature by default: enabled
Use
Sign
- Click on the “Compose” icon in Thunderbird and compose a new email.
- Before sending, check that the message is digitally signed: in the menu bar at the top in the “Security” field, a tick must appear in front of “Sign message”.
- As soon as you click on “Send”, the e-mail is digitally signed and then sent.
- The communication partner sees the loop symbol as a sign of a digitally signed e-mail.
Encrypt
To encrypt an e-mail, you must first have the communication partner's public key. To do this, have your communication partner send you a digitally signed e-mail, for example, which is automatically added to Thunderbird's certificate store.
- Click on the “Compose” icon in Thunderbird and compose a new e-mail.
- Before sending, check that the message is digitally encrypted: in the menu bar at the top in the “Security” field, tick “Only send with encryption”.
- As soon as you click on “Send”, the e-mail is encrypted and then sent.
- The communication partner sees the padlock symbol as a sign of an encrypted e-mail.
en/tp/email/security/mozilla-thunderbird.txt · Last modified: 2023/10/10 10:41 by gu1111