Skip to main content



If you have a digital certificate, you can use it to digitally sign and encrypt emails. IdenTrust digital certificates that can be used for this application include:

  • DoD ECA certificates
  • IdenTrust TrustID® certificates
  • IdenTrust Global Common (IGC) certificates

These instructions assume that you have already installed a digital certificate on a Microsoft® Windows® computer using Microsoft® Edge and that you want to use that certificate with Apple Mail on the same computer.

There are three (3) general steps:

  1. Export the certificate from the browser
  2. Install in OS X.
  3. Use your IdenTrust digital certificate with Apple Mail.

The specific instructions are as follows:

1. Export the Certificate from the Browser

Please note that you will need to have backed up your certificate to a file beforehand. If you need assistance with that process, please see our instructions on How to Export a Certificate When Using Microsoft Windows OS.

2. Install the Certificate in OS X

  • Double-click the file downloaded in the “Certificate Manager” directory.
  • OS X Keychain Access will prompt you for the certificate passphrase.

Please note that if this is a token-based certificate, you will simply install the previously supplied software, then plug in your device; this will automatically make the certificate accessible across your Mac.

The digital certificate will be installed on your Mac and will be in the “My Certificates” section of “Keychain Access”. The digital certificate is now available for Apple Mail, Outlook and other applications that can use client certificates.

3. Using Your Certificate with Apple Mail

  • Enabling Digital Signing and Encryption

    If you have just installed your digital certificate on your Mac, close “Mail” and then restart it. Begin composing an email message. A “Signed” icon, containing a checkmark, should be in the lower right of the message header to indicate that the message will be signed. If the “Signed” icon does not appear, select “Customize” in the lower left of the message header and add the “Lock” and “Signed” icons.
  • Signing Email

    To send a signed message, verify that the “Signed” icon has a checkmark in it and not an “x”. If the “Signed” icon shows an “x”, your message will not be signed.
  • Encrypting Email

    If you have the public certificate for the user or users to whom the message is addressed, you will be able to encrypt the email message. In the lower right of the message header, click the “Open Lock” icon to lock it. When the icon is “Locked”, your email message will be encrypted.