Disable email encryption by default

With the latest upgrade (Ventura 13.2.1) whenever I try to send email using the Apple client, I get a warning that the message can't be encrypted and I need to override the feature.


I previously had a self-signed certificate installed (I have no need to pay for a verified root cert) that I have deleted, but this did not solve the problem.


Is there any way to disable Apple email encryption?

MacBook Air 13″, macOS 13.2

Posted on Feb 22, 2023 12:59 AM

Reply
Question marked as Top-ranking reply

Posted on Feb 22, 2023 4:59 AM

P. Phillips, thanks for your reply. This was more complex than implied by the response. I had previously installed a single self-signed certificate which appeared to be in "My Certificates" under Local items, which I had removed before posting.


It turns out that MacOS appears to install multiple certificates scattered over "Certificates" and "My Certificates" as well as in Default and System keychains. Though I only installed one instance of a self-signed certificate, I had to remove a number of them (I didn't keep count, just removed anything that was identified as self-signed by me).


I'm sure there's some reason for this replication of certificates, but it's not clear to me what that would be.


I also removed the public and private keys related to the CA ascribed to me. That seemed to take care of the warning message.

7 replies
Question marked as Top-ranking reply

Feb 22, 2023 4:59 AM in response to Owl-53

P. Phillips, thanks for your reply. This was more complex than implied by the response. I had previously installed a single self-signed certificate which appeared to be in "My Certificates" under Local items, which I had removed before posting.


It turns out that MacOS appears to install multiple certificates scattered over "Certificates" and "My Certificates" as well as in Default and System keychains. Though I only installed one instance of a self-signed certificate, I had to remove a number of them (I didn't keep count, just removed anything that was identified as self-signed by me).


I'm sure there's some reason for this replication of certificates, but it's not clear to me what that would be.


I also removed the public and private keys related to the CA ascribed to me. That seemed to take care of the warning message.

Feb 22, 2023 1:35 AM in response to ppanish

How do I remove a certificate from Apple Mail?

  1. Click on the "Finder" icon in the Dock.
  2. Click on the "Go" menu at the top of the window and select "Utilities".
  3. Double-click on "Keychain Access".
  4. Select "Certificates" from the list of categories.
  5. Click on the certificate you want to delete. An untrusted certificate has a red "X" symbol under its name.


Feb 22, 2023 4:28 AM in response to ppanish

By the information below reverse this process to Remove the Certificate


If not done properly as in Remove the Certificate from Keychain >> try again


Use personal certificates in Mail on Mac

If you want to send and receive signed and encrypted messages in the Mail app on your Mac, you need a personal certificate.

Step 1: Obtain a certificate

For each email address you want to use to send signed messages and receive encrypted messages, you must get a certificate from a certificate authority (CA). See Request a certificate from a certificate authority.

Step 2: Import the certificate

To import the certificate into Keychain Access, double-click the certificate file you received from the CA. Once you import your certificate, it should be listed in the My Certificates category in Keychain Access.

The certificate file must have a file extension that indicates it contains certificates—such as .cer, .crt, .p12, or .p7c—or Keychain Access can’t import it.

If Keychain Access can’t import the certificate, try dragging the file onto the Keychain Access icon in the Finder. If that doesn’t work, contact the CA to ask if the certificate is expired or invalid.

Step 3: Use the certificate

Open your certificate in Keychain Access and make sure its trust setting is Use System Defaults or Always Trust. Now you can use the certificate to send and receive signed and encrypted messages.

Note: If for some reason your certificate isn’t associated with your email address, or you want to use the certificate with a different email address, Control-click the certificate in Keychain Access, choose New Identity Preference, and provide the requested information.

Open Keychain Access for me

To use your certificate on another Mac, import the certificate into Keychain Access on that Mac.

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Disable email encryption by default

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.