BlackBerry 10.3.1 User Manual
Securing your email
You can digitally sign or encrypt messages if you use a work email account that supports S/MIME or PGP protected
messages or IBM Notes email encryption on your BlackBerry device. Digitally signing or encrypting messages adds another
level of security to email messages that you send from your device.
Digital signatures are designed to help recipients verify the authenticity and integrity of messages that you send. With S/
Digital signatures are designed to help recipients verify the authenticity and integrity of messages that you send. With S/
MIME-protected messages, when you digitally sign a message using your private key, recipients use your public key to
verify that the message is from you and that the message hasn't been changed.
Encryption is designed to keep messages confidential. With S/MIME-protected messages, when you encrypt a message,
Encryption is designed to keep messages confidential. With S/MIME-protected messages, when you encrypt a message,
your device uses the recipient’s public key to encrypt the message. Recipients use their private key to decrypt the
message.
If you use a work account that supports PGP protected messages, you can digitally sign, encrypt, or sign and encrypt
If you use a work account that supports PGP protected messages, you can digitally sign, encrypt, or sign and encrypt
messages using PGP protection. You need to store the recipient's public key on your BlackBerry device to send encrypted
email messages. You need to store your private key on your device to send digitally signed email messages.
If your device is associated with a CRL or an OCSP server, when you add recipients to an encrypted message, your device
If your device is associated with a CRL or an OCSP server, when you add recipients to an encrypted message, your device
tries to retrieve a certificate status for each recipient. You are unable to send the message until certificate statuses are
received for all recipients. If certificates can't be found or are invalid, the recipients' names appear as red.
Set up S/MIME-protected messaging
You need to store a private key and certificate on your BlackBerry device to send digitally signed or encrypted email
messages using S/MIME-protected messaging. You can store a key and certificate by importing the files from a work email
message or a media card.
Your BlackBerry device supports keys and certificates in the following file formats and file name extensions:
messages using S/MIME-protected messaging. You can store a key and certificate by importing the files from a work email
message or a media card.
Your BlackBerry device supports keys and certificates in the following file formats and file name extensions:
• PEM (.pem, .cer)
• DER (.der, .cer)
• PFX (.pfx, .p12)
• DER (.der, .cer)
• PFX (.pfx, .p12)
1.
Open a work email message with a certificate attachment.
2.
Tap
.
3.
If necessary, enter the password.
4.
Tap Import or Import All.
5.
Tap
.
6.
In the BlackBerry Hub, tap
>
> Secure Email.
7.
If necessary, tap the S/MIME tab.
8.
Turn on the S/MIME switch.
9.
Under Signing Certificate, in the drop-down list, tap the certificate that you imported.
10. Under Encryption Certificate, in the drop-down list, tap the certificate that you imported.
User Guide
BlackBerry Hub and email
79