left header graphic The Network People
Solutions for Hosting Providers
right header graphic

Do it Yourself .mac home : computing : mac : tips : Setting up a Digital Signature with Mail.app Creating Panoramic Images
Mail.app Digital Signature

How to install a Thawte S/MIME Digital Signature Mail.app (tested on Mail.app v1.3 (Panther))

Why?: Soon after OS X 10.1 was released, the PGP extensions for Mail.app began circulating and were fairly easy to get working with Mail.app. It was then that I finally transitioned away from reading all my mail in a terminal using PINE. Being able to sign and encryt emails is something I require of my mail application. Of course, Mail directly importing my mbox archives with 10+ years of email was also required. An email client finally dragged me away from PINE and no kicking or screaming was involved. In an email exchange between myself and JK Scheinberg at Apple, I noticed he had a S/MIME signed message he send me using Mail.app. I googled the topic and turned up nothing so I twisted his arm until he passed along the instructions for how he had accomplished it.

How: Here's instructions on getting an S/MIME certificate from Thawte.com.

Request a certificate:
1. Launch Mozilla (This will not work in Safari)
2. Go to Thawte's web site, http://www.thawte.com
3. Click on the "Get your FREE personal email certificate"
4. Register with Thawte
5. Request a new "X.509 Certificate".
6. After filling in the request Mozilla will prompt you for a password for the "Software Security Device". This is the password for Mozilla's internal password/certificate management system. It's not your keychain password.
7. Now go to the "View Certificate Status" page on Thawte's page. You should see your requested certificate with a status of either "Pending" or "Issued". If it's pending, wait a while until it's issued. The last one I did took about 10 minutes to get issued.
8. Once the certificate has been issued view the details of it an then click the "Fetch" icon at the bottom of the detail page.
9. Bring up the prefs panel in Mozilla and select the "Certificates" item under Privacy & Security.
10. Click on the "Manage Certificates..." button. This will show a list of certificates that you have downloaded.
11. Select the certificate you just created and click the "Backup" button.
12. Enter a filename and save it somewhere.
13. Quit Mozilla

Add the Cert to your Keychain
1. Go find the cert that you saved from step #12 in the Finder and double click it
2. You'll be prompted for the password for the item and what keychain to add the cert to.

Try it out in Mail
1. In Mail, compose a new message from the email address that you got the cert for. You should see the "Sign" button in the compose window.
2. Verify that in the message you receive there is a Security header saying "Signed".
3. There is no step 3!


Last modified on 4/25/05.