Quick walkthrough for setting up signed outgoing e-mails on the iPhone / iPad
Scenario: You have a free E-Mail signing certificate such as the one from Comodo, you’ve set it up on your desktop/laptop e-mail, but you also send a lot of mail from your iPhone / iPad too.
There are two steps to getting signed mail working on the iPhone.
Step 1: Install your certificate and Private Key onto the iPhone using the ‘Apple Configurator version 2’.
Download the ‘apple configurator 2’ from the App Store onto your mac.
(This is a tool from apple that lets you create profiles and roll-out changes such as certificates to your iPhones/iPads/AppleTV’s.
Goto File > new profile.
A new profile window appears, In the general tab, give the profile a name as below:
Then, go into your mac key store (The app is called ‘keychain access’). Goto certificates, you should find your imported Comodo cert listed with your e-mail address as the title as below:
Right click your mail certificate and chose export.
This will export your Certificate and Private key into one ‘.p12. file. You’ll be prompted to protect the exported certificate with a new password. (Don’t leave it blank. You’ll only need the password once in about a minutes time, so may as well make it strong!).
Now you should have a ‘.p12’ file in your documents. Yes? Good.
Back to the Apple Configurator Profile screen.. Click on the ‘Certificates’ section on the Left and click the ‘Configure’ Button. You will be prompted to add a certificate, use the finder window that appears to find and select your new .P12 file.
You will then need to give the Profile the password you just used for the P12 export. Type it in the ‘password:’ field, you’ll know if it’s right as the window will change from showing this:
Thats it! We can now save this profile and add it to our iPhone/iPad.
Save it by clicking the title at the top of the profile window and give it a name. Mine saved in my iCloud drive, this is fine.
Now, plug your phone into your Mac via USB. It will appear in the ‘Apple Configurator 2’ Main window.
Right click it, chose Add > Profile. Then select our new .mobileconfig file we’ve just saved.
Then, follow the instructions on the Mac and on your iPhone to install the certificate.. The iPhone will need your iPhone password and warn you the ‘Profile is unsigned’. This is fine.
Once done, you can unplug your phone from your Mac, you’re ready for step 2…
Step 2: Turn S/MIME E-Mail signing on within your iPhone settings and select the certificate you just uploaded.
This is the easy bit.
On your phone. Go into settings > Mail.
Chose ‘Accounts’, then select the account the certificate is for (Mine is my Exchange account).
Then, select the ‘Account email@example.com’ line at the top of the screen to drill into that accounts’ settings…
From here, Click ‘Advanced Settings’.
Thats it, your e-mails should now be sent signed!