Abstract
An S/MIME digital certificate is similar to a TLS Client certificate, except that it is used for key exchange and authentication in S/MIME secure E-mail, rather than in TLS. They are used to create and verify digital signatures, as well as to seal and open digital envelopes. There are two fields of an X.509 certificate found in an S/MIME certificate that are not required in a TLS Client certificate. However, an S/MIME certificate with those fields will work fine for TLS Client authentication, so a single certificate can serve both purposes if it contains those two fields. As with TLS Client certificates, each user requires a unique S/MIME certificate that identifies them. Unlike TLS Client certificates, anyone sending an S/MIME encrypted message requires the S/MIME certificate of each recipient of that message (at the time of sending the message). This is simplified by publishing all users’ S/MIME certificates in a shared address book (such as Active Directory).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature
About this chapter
Cite this chapter
Hughes, L.E. (2022). Issue and Manage S/MIME Secure Email Certificates. In: Pro Active Directory Certificate Services. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-7486-6_16
Download citation
DOI: https://doi.org/10.1007/978-1-4842-7486-6_16
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-7488-0
Online ISBN: 978-1-4842-7486-6
eBook Packages: Professional and Applied ComputingApress Access BooksProfessional and Applied Computing (R0)