3 Replies Latest reply: Apr 21, 2013 9:21 AM by Linc Davis
Kirsten15 Level 1 (0 points)

I'm trying to send data via encrypted message, but I can't figure out how. Does anyone know how to encrypt email using an iMac and Apple mail?  Thanks!

  • Eric Ross Level 6 (11,665 points)
  • g_wolfman Level 4 (1,120 points)

    Notwithstanding the information provided by Eric Ross, you also need to be aware that (regardless of whether you choose S/MIME or GPG encryption technologies) in order to send encrypted e-mail:


    1.  Both you and the recipient need to be using encryption (you need the recipients public key in order to encrypt); and,

    2.  You both also need to be using the same technology (S/MIME certificates or GPG keys).

  • Linc Davis Level 10 (192,325 points)

    Go to InstantSSL and request a free S/MIME signing certificate. It's valid for a year, only for the address you specify. You'll be prompted to set a revocation password, which you'll need if you ever want to stop the key from being trusted. I suggest you save the password as a secure note item in the keychain.

    Click the link in the message you'll receive at that address. A file named "CollectCCC.p7s" will be downloaded in your web browser. Double-click the file. It will open in Keychain Access. Confirm that you want to import the keys it contains.

    Two items will be added to the keychain you specify. Both are named "Key from secure.instantssl.com". One is of type private key and one is of type public key. You'll want to delete those items when the key expires or is revoked.

    Quit and relaunch Mail. When you next compose a message from the certified address, you'll have the option to sign it, as detailed here: How to Use a Secure Email Signing Certificate (Digital ID).

    The first time you sign a message with the new certificate, you'll be prompted to allow Mail to use it in the keychain. Click Always Allow.



    1. You must quit and relaunch Mail before the certficiate will be recognized.
    2. Mail that is only signed is not encrypted; anyone can read it. The recipient can be reasonably sure that it came unaltered from a person who receives mail at the sender's address. That is not proof of the sender's identity.
    3. To encrypt messages, the recipieint must already have gone through a similar setup process, and you must know his or her public key. The key can be sent to you in the clear, attached to a signed message, but again, you have no proof of the sender's identity. All you know is that he can receive mail at the specified address.