This document provides step-by-step instructions to install a S/MIME certificate and set up S/MIME in the Microsoft Outlook app on your iPhone.

S/MIME encrypted email in Microsoft Outlook iPhone app

What is S/MIME?

The Secure/Multipurpose Internet Mail Extensions (S/MIME) is an internet standard that allows the sender of an email to protect the confidentiality of the message by encrypting its content with the public key contained in the recipient's S/MIME certificate.

The Outlook app on the recipient's iPhone can then decrypt the message with the private key installed app.

S/MIME allows end-to-end encryption: the sender encrypts the email in a way that it can only be decrypted in the recipient's inbox, ensuring only the intended person can read it.

The sender of a message usually also signs it with their own S/MIME certificate (private key), which allows the recipient to authenticate the sender.

Get a S/MIME Certificate

You can buy a S/MIME certificate from a Certificate Authority (CA) or through a retailer, or get one free of charge from Actalis, an Italian CA.

Certificate authorities provide S/MIME certificate bundles either as a PKCS #12 file (.p12 or .pfx) if they generated the certificate for you or as a PKCS #7 (.p7b) file if you created the private key on your own computer and submitted a Certificate Signing Request (CSR) to the CA.

Transfer the S/MIME Certificate to Your iPhone

Email the certificate bundle to an email account installed in the Outlook app on your iPhone. If you got the S/MIME certificate as a .p12 or .pfx file, the private key should be encrypted with a password, so it is usually considered safe to send the certificate bundle by email.

Install the Certificate in the Outlook iOS App

Opening a PKCS#12 Certificate in Microsoft Outlook app

Open the message attachment in the Outlook app and tap Install Certificate.

Enter the password associated with the S/MIME certificate bundle when prompted. If you obtained the certificate as a .p12 or .pfx bundle from a certificate authority, they must have also given you the password.

The certificate's private key was encrypted with the password, so if you lost it, you won't be able to import the certificate into Microsoft Outlook iOS app.

S/MIME certificate installed

Turn On S/MIME Signing and Encryption

We're now going to set up the Microsoft Outlook app to digitally sign outgoing mail with the new S/MIME certificate bundle. This will allow our email contacts with a S/MIME-compatible email software to:

  • Authenticate messages we send them
  • Automatically import our public key so they can use it in the future to send us encrypted emails.

Navigate to the Outlook app Settings: Tap on your profile picture and then the Settings icon at the bottom of the screen. Select the email account corresponding to the email associated with the S/MIME certificate under Mail Accounts, as shown on the screenshot below.

Mail Accounts in Outlook App Settings

Select Security settings.

Security settings in Microsoft Outlook app

Toggle on S/MIME and Always Send As Signed.

S/MIME Settings

Add the Certificate to FormSmarts

Before you can receive online form submissions by encrypted email, you need to add the certificate to FormSmarts. Sign in from your iPhone (or any device where you've installed the certificate) and create a Certificate Addition Request (Step #4 in the set up instructions).

Create a S/MIME Certificate Addition Request

Send a signed email to the long email address returned when you submitted the request. You should receive an email within seconds confirming FormSmarts imported your S/MIME certificate successfully.