Distributing your certificate
Recall that digitally signing a message requires nothing more than setting up your own digital ID, whereas encryption requires that you have other people's encryption certificates in your address book before sending. So once you have your own personal certificates setup and are ready to send secured messages to others, you'll want to distribute your certificate to others as well as obtain others' certificates. There are several ways to distribute your certificate in Entourage:
- Use an LDAP server: This mostly applies in corporate-type environments where such servers are installed, but if you have access to an LDAP server that supports user certificate fields, you can simply search for and import the entire contact entry from a Directory Services search. Assuming the user's personal certificate is updated in the database, the certificate will be imported along with the rest of their contact info. This is probably the quickest and easiest method if you have access to such a server.
- Send your contact a digitally signed message : By sending someone a simple, digitally signed message, your public encryption and digital signature certificate(s) will be sent along with the message (if you leave the "include my certificate when sending signed messages" option checked in Account Prefs). Your recipient's S/MIME-capable email client should then be able to extract your certificate and add it to the rest of your contact information in their address book. Conversely, to obtain someone else's public encryption certificate, have them send you a digitally signed message. Entourage will give you the option to save the certificate with the user's other contact information. Simply click on "View Details" in the InfoBar of the message, and click the "Add to Contacts" button. See section below for actually sending a digitally signed message. View Screenshot