The device involves the following steps:
- Production of a certificate with the public and private keys in the web browser
- Export the certificate to a file
- Import the certificate into Thunderbird
- Configuration of the certificate in Thunderbird
On the Wiki Thunderbird, , the essential technical explanations mail encryption and signing using S / MIME.
1. Generate the certificate in the Web browser
Certificates may consist of two parts: the public key and private key. For signing (and, indirectly, to encrypt) you need a certificate with a public / private key. The private key is the secret, used for decrypting and digitally signing. The public key of others is required to encrypt and to the verification of the digital signature.
For private purposes can be easily online at https://www.startssl.com/ such a certificate be. The issuance of the certificate in the following steps is done on the linked Web page:
1. Completing the necessary Web Forms
2. Verification of the email address
3. Input of the Verifzierungscodes. Then automatically generates the certificate in your Web browser, signed by StartSSL and stored in the certificate store from Firefox.
In the co-investment:
call in Firefox https://www.startssl.com/ on and click on "Sign up":
Switch to german doesn't work for me for the certificate creation. So in English.
Then register:
Switch to german doesn't work for me for the certificate creation. So in English:
Insert personal information:
Wait, until the code in your own email mailbox is received (already you can 30 Last minutes):
and then enter it on the remaining open side:
and click on "Sign Up". Then Firefox creates a certificate, sends the public part of the certificate at StartSSL. StartSSL digitally signs the certificate, to confirm, that those, He uses the certificate, Access to the specified email address has. StartSSL's signature will be sent back to Firefox, It automatically stores it in the client certificate store from Firefox. This process runs automatically in the background.
You will then:
The certificate is now ready and stored in Firefox. To test the certificate, Click on the "Login Now".
Then Firefox will ask if, the newly created certificate to use to login at StartSSL:
I choose from 'Remember this decision', because I always want to be asked, If I signed somewhere.
2. Export of the certificate from Firefox
To use the certificate in Thunderbird, must first be exported's Firefox as a file.
To do this in Firefox the menu call and click on "Settings":
Click on "Advanced" and then on "View certificates"
Then the following dialog appears:
Click on "Your certificates", so that you can see the certificate. Then click the certificate, to select it, and click "Save", to save it on your computer. Before saving, Firefox asks for a password. The password is used, encrypted on your computer to store the secret part of the certificate. So, you can assign a new password – remember the password!
3. Import of the certificate into Thunderbird
Connecting open Thunderbird, Click on "Tools" and "Account settings".
Then select the account, When you created the certificate, and select "S/MIME security" (see 1. in the following screen shot).
Then click on "Manage certificates", It seems the following dialog (With you, the list will be empty probably different as shown in the dialog):
In this dialog, click on the "Your certificates" tab and then click "import".
Select the certificate file generated from Firefox out to in the file chooser dialog and enter the password of choice while saving the certificate then unprotect.
This message appears if successful:
By clicking on "OK" in that dialog and the behind it like close both Windows.
Then click on "Select" in the accounts settings dialog is still open, Select the newly created certificate and answer the demand, If the certificate is to be sent with the email recipients, so that they can send you encrypted messages, with "Yes".
Now the encryption is finished.
4. Send digitally signed mail
If you now compose a message, can send digitally signed messages. To do so click "S/MIME" when composing a message in the upper row and choose "Sign message".
5. Encrypt a message
You can send an encrypted message to someone, of a signed message with his certificate is sent to you. You can easily import the appropriate certificate in Thunderbird. The same button "S/MIME", as in "4. You can then select digitally sign", that you want to send the message encrypted.