Why add a personal digital certificate to your email client?
A PDC can be used to digitally sign your outgoing email messages. This allows people to confirm the email you send is actually from you, and that the email has not been tampered with in transit. Recipients will receive a notice that the email has been digitally signed for enhanced security.
It is fairly easy for a bad actor to send email messages which appear to come from you, using a digital signature will not prevent this from happening. But, it is much more difficult for a bad actor to send digitally signed messages which appears to come from you.
If you use a PDC to digitally sign all your email, the people you email regularly should learn to expect the digital signature on all your email. If they receive an email without a digital signature, they should question if the email is actually from you or a bad actor.
Request your personal digital certificate
- Request your new PDC by following the directions on the VT Certificate Manager.
- Wait a few minutes for your PDC to be created.
- Refresh your browser, when your PDC is ready the 'Status' will read 'Fulfilled'
- Download your PDC... click 'Action' -> 'PKCS#12 Keypair', save the file to your desktop
- Copy the PDC password to your clipboard (you'll need it later when you import your certificate)
Installing the personal digital certificate in outlook
NOTE: if you dont use outlook for email, skip this section
Installing the personal digital certificate in gmail
NOTE: if you dont use gmail for email, skip this section
- Sign into your gmail account
- In gmail settings, go to 'Accounts and Import'
- In the 'Send mail as:' section, next to your Virginia Tech email address, click 'edit info'
- In the 'S/MIME' section, upload the PDC you saved in the previous section
- Paste the PDC password you copied to the clipboard in the previous section
Send a test message
Send me a test message and I'll be glad to check it for the enhanced security notice displayed when your PDC is configured correctly. You can also check your sent mail folder, signed messages should show an enhanced security notice. (digitally signed)
- You will need to install the PDC everywhere you use email. Desktops, laptops, gmail/office365 and phones.
- Some apps do not support S/MIME technology to allow for digital signatures, some mobile phone apps for example may not support S/MIME.
- The PDC you requested and installed will expire in 2 years, at that point you will need to repeat the above procedure with an updated PDC.