Getting Started with Digital Signature in Bulk Mail
What is a digital signature?
A digital signature is an electronic message security feature used to authenticate and validate digital information - such as e-mail messages, documents, and macros, assuring that the signer is the originator and that this information has not been altered or tampered with; and this was not sent by an imposter.
How to recognize a digital signature
For more information about recognizing and verifying a digital signature in an email message or document that you've received, go to:
Microsoft's How to tell if a signature is trustworthy
What is a S/MIME client certificate?
A digital certificate is comprised of a pair of mathematically linked but different numbers called keys, one private and one public used in conjunction with a method of encryption called asymmetric cryptography to exchange information securely and protect information integrity.
Step 1: Open a Help Desk ticket in the OIT Identity & Access Management queue to request a digital certificate.
Provide the following information:
- Name of the customer
- Customer NetID
- Primary email address
- List of all email aliases
- Name: Sammy Willy Owl
- NetID: swo1
- List hst the primary email addresses that will be used to send Bulk Mail: email@example.com
- firstname.lastname@example.org; email@example.com.
Step 2: The person requesting the cert should check their email for a message from the Certificate Authority (Certificate Services Manager <firstname.lastname@example.org>) for an invitation with a link to create the certificate. [At this step, you may request assistance from your Division Representative]. The email should read as follows with the customer's information.
Dear <Requestor Name>, You now need to complete the following steps: * Click the following link to validate your email https://cert-manager.com/customer/InCommon/smime?action=invite&requestCode=RUpXxp34pUTrYYSY8V5SeI3Tk&email=<requestor NetID%40rice%2eedu (if the link doesn't work please copy request code RUpXxp34pUTrYYSY8V5SeI3Tk and paste it into proper field in the validation form). Your request code: RUpXxp34pUTrYYSY8V5SeI3Tk * Type in a PIN to protect your email certificate * Click 'Download' to collect your certificate. You should save this file to a safe place on your hard drive. * Import your new certificate into your email client and/or internet browser. (Please contact your administrator for help with this/Please click the following link for instructions)
Step 3: The email will direct the user to click on a URL that will show a page titled InCommon Certificate Manager - User Registration.
Step 4: The customer should create a strong password in a text file that can be copied and pasted into the PIN and re-type PIN fields. Loss of this password will require you to start over from scratch as this certificate will be unusable. The PIN is the password to access the file. The Pass-Phrase is used only for renewing the certificate or revoking it. Create Pass-Phrases and save them in the text file and copy them into the appropriate fields then click SUBMIT at the bottom of the page.
Step 5: The certificate will be made available for download. Click DOWNLOAD, have the customer create a box share, and MOVE the .p12 file into it. The file is encrypted using the PIN the customer chose during Step 3.
Step 7: Have the customer email Omer@rice.edu with the URL from the box for the location of the certificate. In the email request the cert to be installed in Bulk Mail.