Digital Signature Certificate Help

Why should I backup my digital certificate including private key from windows key store

  • You will lose your private key in case of operating system failure or OS reinstallation
    Your certificate will be of no use in that case
  • You can use the same certificate from another personal machine of yours

How to backup your digital certificate including private key from windows key store

  1. In Internet Explorer, open Tools, and then click Internet Options. The Internet Options window displays.
  2. From the Content tab, click Certificates.
  3. From the certificates list, select the certificate you want to export, and then click Export.
  4. Click Next.
  5. Click Yes, export the private key, and then click Next.

    NOTE: If the "Yes, export the private key" option is not available, your private key is not present or is marked as not exportable.

  6. Select Personal Information Exchange, and then select Include all certificates in the certification path if possible.
  7. Select Export all extended properties
  8. Do not select Delete the private key if the export is successful unless you want to delete the private key in the certificate store.
  9. Click Next.
  10. Enter password twice (remember this password).
  11. Select the location to which you want to save the PFX file, and then click Next.
  12. Click Finish and then, in the confirmation window that displays, click OK.
  13. Store this file in a safe place and do not share with anyone
  14. Do not forget the password you gave during export

How to sign Email in Outlook

Configuration for Signing Mail

  1. Your Certificate should already be in the Windows Key Store of the same PC where you are using Outlook
  2. Open Microsoft Outlook and go to Tools > Trust Center > E-Mail Security
  3. If your email address is not shown in ‘Default Settings’, click ‘Settings…’
  4. The following window should be seen. Please make sure that your email address is shown in ‘Security Settings Name’
  5. Click OK and the window should look like
  6. Click OK again to close the Trust Center

Send a Signed Mail

  1. Click ‘Sign’ in ‘Options’ before sending the mail

Mail Signing problem in Outlook

  • Run Outlook as administrator
    • Create a shortcut of Outlook (may be on Desktop)
    • Go to Properties of the shortcut and select 'Run as administrator' in the Compatibility tab

How to sign Email in Mozilla Thunderbird

Import your certificate

  1. Export your certificate including private key in .pfx format as shown in
    "How to backup your digital certificate including private key from windows key store" section
  2. Open Mozilla Thunderbird and go to Tools->Options->Advanced->Certificates Tab->View Certificates button->Your Certificates Tab
  3. Click Import button and select the .pfx file of your certificate

Select your certificate for Mail signing and encryption

  1. Open Mozilla Thunderbird and go to Tools->Account Settings->Security section of your mail address
  2. Click Select and choose the your certificate for both signing and encryption

Send a Signed Mail

  1. Send a signed mail following the image below