Skip to content

Install personal and functional certificates in macOS

Locate the PKCS12 file you just downloaded in Finder (should be in the Downloads folder) and double-click to open it. Enter the password you just assigned during the download.

If you selected the wrong algorithm during certificate generation, you will be prompted several times to enter the password but the process will always fail with these error messages. In this case, you must repair the certificate file repair.

If the import process is acknowledged with this error message, you can safely ignore it.

Your certificate should now be reside in the macOS keychain.

Functional certificates have no name and are called Karlsruher Institut für Technologie.

Setting up Apple Mail

Apple has official instructions on how to do this.

Setting up Microsoft Outlook for Mac

These instructions do not work with New Outlook. If necessary, revert to Legacy Outlook.

Open the settings dialog:

Open Accounts under Personal settings:

On the left, select the account for which you want to use the certificate. Then open the dialog for advanced settings dialog:

Switch to the Security tab.

Under Digital signing and Encryption, select the appropriate certificate.

Select SHA-256 as the Signing algorithm. Select AES-256 as Encryption algorithm.

Select these:

  • Sign outgoing messages
  • Send digitally signed message as clear text
  • Include my certificates in signed messages