Securing your email

You can digitally sign or encrypt messages if you use a work email account that supports S/MIME-protected messages or IBM Notes email encryption on your BlackBerry device. Digitally signing or encrypting messages adds another level of security to email messages that you send from your device.

Digital signatures are designed to help recipients verify the authenticity and integrity of messages that you send. With S/MIME-protected messages, when you digitally sign a message using your private key, recipients use your public key to verify that the message is from you and that the message hasn't been changed.

Encryption is designed to keep messages confidential. With S/MIME-protected messages, when you encrypt a message, your device uses the recipient’s public key to encrypt the message. Recipients use their private key to decrypt the message.

Your BlackBerry device supports keys and certificates in the following file formats and file name extensions:
  • PEM (.pem, .cer)
  • DER (.der, .cer)
  • PFX (.pfx, .p12)

Set up S/MIME-protected messaging

You need to store a private key and certificate on your BlackBerry device to send signed or encrypted email messages using S/MIME-protected messaging. You can store a key and certificate by importing the files from a work email message.

  1. Open a work email message with a certificate attachment.
  2. Touch and hold The certificate attachment icon.
  3. Tap The Import Certificate icon.
  4. If necessary, enter the password.
  5. Tap The Back icon.
  6. Tap The More icon > The Settings icon > Secure Email.
  7. If necessary, tap the S/MIME tab.
  8. Set the S/MIME switch to On.
  9. Below Signing Certificate, in the drop-down list, tap the certificate that you imported.
  10. Below Encryption Certificate, in the drop-down list, tap the certificate that you imported.

Sign or encrypt a message

You must use a work email account that supports S/MIME-protected messages or IBM Notes mail encryption to send a signed or encrypted email message.

  1. When you compose a message, slide your finger down on the screen.
  2. In the drop-down list, tap a signing or an encryption option.
Tip: You can change the default email security used for messages you send. For example, if you use S/MIME to protect your messages, you can send clear-signed messages that can be opened by any email application, or opaque-signed messages that can be opened only by email applications that support encryption. In the BlackBerry Hub, tap More actions > The Settings icon > Secure Email. If necessary, tap S/MIME or NNE. Change the email security settings.

Secure email icons

Icon Description
Email signed with secure digital signature The email is digitally signed.
Encrypted email The email is encrypted.
Verified digital signature The digital signature was successfully verified.
Signature has not been verified There is not enough information to verify the digital signature.
Signature cannot be verified The digital signature failed verification.
Digital certificate attached A certificate is attached to the email.
Trusted certificate The certificate chain is trusted.
Certificate importing failed The importing of the certificate failed.
Certificate chain error There is an error with the certificate chain.
Certificate chain expired The certificate chain has expired.
Certificate chain credentials untrusted The certificate chain is not trusted.
Certificate chain credentials revoked The certificate chain has been revoked.

Was this information helpful? Send us your comments.