How to send and receive encrypted S/MIME emails with UCM Global

What is S/MIME and email encryption

S/MIME, or Secure/Multipurpose Internet Mail Extensions, is a technology that allows you to encrypt your emails. S/MIME is based on asymmetric cryptography to protect your emails from unwanted access. It also allows you to digitally sign your emails to verify you as the legitimate sender of the message, making it an effective weapon against many phishing attacks out there.

How to send S/MIME encrypted emails to a contact at UCM Global

Before you begin, ensure that your email software supports S/MIME. Popular packages which do support this include: Outlook, Eudora, Novell 6.0, Netscape, Lotus Notes, and others. If you do not know, please contact your local IT helpdesk.

If you do not already have a digital certificate, you must also now acquire your own digital certificate. Unfortunately, UCM Global cannot provide digital certificates to external partners, but those services are available from a third party.

Depending on the supplier of the digital certificate you will need to install the certificate into your email client. If your digital certificate is not automatically installed by your IT department or by the purchase and setup of the digital certificate you will need to follow your email client’s instructions on how to install this. For Outlook, please see the Microsoft support article here:

Once you have your secure E-mail configured, both of you must send the other a digitally signed message. When you get it, add the sender to you Outlook Contacts and instruct them to do the same:

  • Open the signed message from the external contact.
  • Right-click the sender’s name or email address in the “From:” part of the message.
  • From the menu that appears, select “Add to Contacts”.
  • Enter and additional information needed for the contact.
  • Click the “Certificates” tab and ensure there is a certificate listed.
  • Once you finish, click “Save and Close”.

Once you have both completed the above steps, you can now send encrypted messages to one another.


If you have completed the above steps, and are still unable to send encrypted emails there are a few steps to rectify (the below is only for Microsoft Outlook however the principles should apply to other clients):

  1. Ensure you are sending the email to the correct contact. Outlook will cache contacts for quick access:
    • If you start to type the contacts name and it automatically appears, highlight the name and press SHIFT + DEL or click the “X” next to their name to remove them from the cache.
    • Next, click the “To:” button to the left of the “To” box in the new message. This will bring up your address book.
    • Ensure you are in the online copy of your contacts and select your contact from the “Contacts” section of your address book.
  2. Ensure you contact has their certificate assigned to them:
    • In your contacts, find the contact in question.
    • Double click to open their contact card
    • Click the “Certificates” button in the top ribbon
    • Check there is a certificate here.
    • If there is no certificate, either delete the contact and follow the steps prior to the troubleshooting section to re-add the contact with their digital certificate, or;
  3. Import the contacts certificate into your Outlook contact:
    • Find an email with the contact’s certificate
    • Open the certificate by clicking the rosette icon
    • Click “Details” in the dialouge
    • Select the “Signer:” and then click “View Details”
    • Click “View Certificate”
    • Click the “Details” tab, then click “Copy to File…”
    • Follow the Export Certificate Wizard and save the “.cer” file to somewhere known such as your desktop. Now close all the open certificate windows.
    • Find the contact in your address book.
    • Click the “Certificates” button, then click “import”
    • Find the saved certificate and click “Open”


A list of the various Outlook icons can be found here: