Posted by: jasonk2600 | February 6, 2008

HowTo: Setup Thunderbird to use digital certificates

In this HowTo I’ll explain the steps necessary to create your very own digital certificate for signing, encrypting, and decrypting emails in Mozilla’s Thunderbird email client.

Step 1. – Create a personal digital certificate.

The first step is to create a digital certificate for use with your email application. The certificate is a file that acts both as a virtual key and virtual identification card. You will be the only one that has the digital certificate, which enables you to prove that you authored messages signed with your digital certificate. Since these certificates are unique and private, only messages signed using your certificate can be verified using your certificate.

There are two ways to create a personal digital certificate. You can use free encryption software to generate one or you can use a certificate authority service such as Thawte to create one for you. I highly recommend that you use a company such as Thawte to create one for you. By creating a personal digital certificate through a CA, your certificate can be verified in the event that another person has created their own certificate with your information and claims to be you. With a self-created certificate, there is no one else, aside from yourself, to prove that you are the rightful owner of your certificate.

Creating a digital certificate for free with Thawte is very simple. Just visit their website at http://www.thawte.com/email/index.html and follow the instructions.

Once you’ve registered with Thawte for a free, personal email certificate, logon to the Thawte website and go to the Certificates sections and click the “Requesting a New Certificate” link and follow the instructions. When you have finished entering the required information you will have your very own digital certificate for your email address, backed up and verified by Thawte. Your browser should automatically import your new certificate.

Step 2. – Export your personal digital certificate.

Secondly, you will need to export your new digital certificate from your browser and save it to a safe location on your computer. For example, in Firefox for Mac OS X select “Preferences” from the “Firefox” drop-down menu. Then click the “Advanced” button and select the “Encryption” tab. Click “View Certificates” and highlight the certificate from “Thawte Consulting” under the “Your Certificates” tab. Finally, click the “Backup” button and select a safe location to save your digital certificate.

Step 3. – Import your personal digital certificate into Thunderbird.

To Be Continued…

Advertisements

Responses

  1. Unfortunately, it looks like Thawte no longer offers free digital certificates for individuals for email. The only remaining choice that I know of is paying $20/yr with Verisign

    • Thawte still offers free certificates, but you must build a web of trust. You might also checkout Comodo, they offer free and instant personal certificates for e-mail.

  2. From:

    https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO12658

    “Thawte Personal E-Mail Certificates and the Web of Trust will be discontinued on November 16, 2009”

    “[existing] Thawte Personal Email Certificate[s] will be revoked on 16 November 2009”

    But I did find:

    http://www.instantssl.com/ssl-certificate-products/free-email-certificate.html

    Which worked fine. Note, it created my digital certificate in my Firefox web browser, which I then had to export and import into my mail client.

    Ben

  3. well, it’s usefull


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: