Email Encryption with S/MIME

Email encryption is not widely documented in a way that most people can understand it or how to set it up. This is my small attempt to help you get started.

There are two common choices, PGP and S/MIME. I tried PGP using Thunderbird's EnigMail extension and was not very pleased with it; it did not seem very flexible with supported message formats, and my colleagues using Windows did not have an easy way to use it. S/MIME seems to be better in both of these respects. Here's how I set it up on Thunderbird with a free certificate using Firefox (other email clients and browsers will also work but I don't have specifics for them):

  1. With Firefox browse to

  2. Click Sign Up Now.

  3. Fill out and submit the form, and wait to receive email from

  4. Click the indicated button to install the certificate.

  5. Now you have a free personal client certificate from a widely recognized certificate authority good for one year.

  6. In Firefox go to Edit -> Preferences -> Privacy & Security -> View Certificates -> Your Certicates. Highlight the new one from COMODO CA Limited and click "Backup..." and back it up to a file somewhere. Use a password that you will remember.

  7. In Thunderbird go to Edit -> Account Settings -> Security -> Manage Certificates -> Import and import the backup saved in the previous step. Close the Certificate Manager window.

  8. In the still-open Account Settings window select the imported certificate for signing and encryption, and click OK.

Now email that you sign will include your public key so that others can send encrypted mail to you. Enjoy!