Getting Started with Digital Signature in Bulk Mail

Obtaining and using digital signature in Bulk Mail.

What is digital signature?

How do I obtain a digital certificate?

How do I use my digital signature?


What is a digital signature?

A digital signature is an electronic message security feature used to authenticate and validate digital information - such as e-mail messages, documents, and macros, assuring that the signer is the originator and that this information has not been altered or tampered with; and this was not sent by an imposter. 

A sender signs a message, the message is sent, and the signed message is then verified

How to recognize a digital signature

For more information about recognizing and verifying a digital signature in an email message or document that you've received, go to:
Microsoft's How to tell if a signature is trustworthy


What is an S/MIME client certificate?

A digital certificate is comprised of a pair of mathematically linked but different numbers called keys, one private and one public used in conjunction with a method of encryption called asymmetric cryptography to exchange information securely and protect information integrity.

An S/MIME (Secure/Multipurpose Internet Mail Extensions) client certificate is the encryption mechanism used to create digital signatures for email messages (or also encrypting messages).  When the sender signs an email using a digital signature, it provides a mechanism for the recipient to be able verify who sent the message and that the email hasn't been altered in transit.



[Reference: Indiana University]

  

How do I obtain a digital certificate?

Step 1:  Open a Help Desk ticket in the OIT Identity & Access Management queue to request a digital certificate.

Provide the following information:
  1. Name of the customer
  2. Customer NetID
  3. Primary email address
  4. List of all email aliases

Example:

  1. Name: Sammy Willy Owl
  2. NetID:  swo1
  3. List hst the primary email addresses that will be used to send Bulk Mail: sw.owl@rice.edu
  4.  willy.owl@rice.edu; sammy.owl@rice.edu. 

Step 2:  The person requesting the cert should check their email for a message from the Certificate Authority (Certificate Services Manager <support@cert-manager.com>) for an invitation with a link to create the certificate. [At this step, you may request assistance from your Division Representative].  The email should read as follows with the customers information.

Dear <Requestor Name>,

You now need to complete the following steps:

    * Click the following link to validate your email https://cert-manager.com/customer/InCommon/smime?action=invite&requestCode=RUpXxp34pUTrYYSY8V5SeI3Tk&email=<requestor NetID%40rice%2eedu (if the link doesn't work please copy request code RUpXxp34pUTrYYSY8V5SeI3Tk and paste it into proper field in the validation form).
      Your request code: RUpXxp34pUTrYYSY8V5SeI3Tk
    * Type in a PIN to protect your email certificate
    * Click 'Download' to collect your certificate. You should save this file to a safe place on your hard drive.
    * Import your new certificate into your email client and/or internet browser. (Please contact your administrator for help with this/Please click the following link for instructions)

Step 3: The email will direct the user to click on a URL that will show a page titled InCommon Certificate Manager - User Registration. 

The link from your email will display a User Registration form to fill out.

 

Step 4:  The customer should create a strong password in a text file that can be copied and pasted into the PIN and re-type PIN fields.  Loss of this password will require you to start over from scratch as this certificate will be unusable.  The PIN is the password to access the file.  The Pass-Phrase is used only for renewing the certificate or revoking it.  Create Pass-Phrases and save them in the text file and copy them into the appropriate fields then click SUBMIT at the bottom of the page.

Step 5: The certificate will be made available for download.  Click DOWNLOAD, have the customer create a box share, and MOVE the .p12 file into it.  The file is encrypted using the PIN the customer chose during Step 3.

Select the Download button to save your digital certificate.

Your downloaded file will end in

Step 6:  Create a BOX folder and MOVE the file into this folder.  In Box, share the folder with Omer@rice.edu.  Copy the Box share URL.

Step 7:  Have the customer email Omer@rice.edu with the URL from box for the location of the certificate.  In the email request the cert to be installed in Bulk Mail.

To the top

How do I use my digital signature?

You can use your digital signature within Bulk Mail using the instructions below. To learn about how to access and use Bulk Mail, visit the Bulk Mail KB article

1. Digitally sign this message? - This feature is added to digitally sign the email also known as S/MIME (Secure/Multipurpose Internet Mail Extension). Your email will be signed with a digital signature.  Select "No", if your email address has not been set up to use the digital signature. 
Within Bulk Mail, you will have the option to select

2. Digital Certificate Password {PIN}: You will need to enter the digital signature certificate password if you select "Yes" to sign your email with a digital signature.  Make sure "From" email address matches with the email in your digital certificate to correctly sign your email. If your "Bounce To" address is different from your "From" address, make sure "Bounce To" address in included in the certificate subject alt name of your digital certificate to correctly sign your email.
    You will be asked to enter your Digital Certificate Password in the next text field after you select the option to include your digital signature.

 

To the top

See Also:




Keywords:Digital Certificate bulk mail S/MIME certificate PIN InCommon Manager   Doc ID:71954
Owner:Dora L.Group:Rice University
Created:2017-03-22 15:07 CDTUpdated:2020-12-11 12:28 CDT
Sites:Rice University
Feedback:  0   0