Last modified by Aysegül Omus on 2024/06/25 13:31
Show last authors
1 = How can I install my CIT certificate on a mobile device? =
2
3 {{box cssClass="floatinginfobox" title="**Inhalt**"}}
4 {{toc/}}
5 {{/box}}
6
7
8 == iPhone ==
9
10 === Sending the certificate to your iPhone and installing it ===
11
12 [[Here>>CIT.ITO.Docs.Services.Certificates.Client Certificate.Export of a user certificate.WebHome]] you will find instructions on how to export the certificate.
13
14 You can copy the certificate to your mobile phone via email. To do this, send yourself an e-mail with the certificate.
15
16 [[image:emailcert.png||width="600"]]
17
18 Open the certificate in the attachment and install it on your mobile phone.
19
20 [[image:Screenshot 2020-04-15 at 22.53.40.png||width="1200"]]
21
22 For the password, enter the certificate backup password that you selected when you exported the certificate.
23
24 [[image:Screenshot 2020-04-15 at 22.09.30.png||width="1200"]]
25
26 You can see installed profiles (certificates) on the iPhone under **Settings** -> **General** -> **Profiles**.
27
28 [[image:IMG_1716.PNGneu.PNG||width="400"]]
29
30 In order to be able to use the certificate, you have to assign it to your mail account. Open **Settings** -> **Passwords and Accounts** and select your e-mail account.
31
32 Then click on **Advanced** and select your certificate for signing and encrypting. If you only want to sign the e-mails, you can leave **Encrypt by default** deactivated.
33
34 [[image:Screenshot 2020-04-15 at 22.14.19.png||width="1200"]]
35
36 == iPad ==
37
38 === Download the certificate to your iPad and install it ===
39
40 [[Here>>CIT.ITO.Docs.Services.Certificates.Client Certificate.Export of a user certificate.WebHome]] you will find instructions on how to export the certificate.
41 You can copy the certificate to your iPad via email. To do this, send yourself an e-mail with the certificate.
42
43 Open the attachment of the e-mail and select **Save to files** under Settings in the top right corner.
44
45 [[image:ipadzertifikat1.png||width="1000"]]
46
47 Click on the saved certificate to save it in Profiles.
48
49 [[image:ipadzertifikat2.png||width="1000"]]
50
51 Go to **Settings** -> **General** -> **Profiles** and select the certificate there and click **Install**.
52
53 [[image:ipadzertifikat3.png||width="1000"]]
54
55 Then first enter the device password and then the password that you selected during export.
56 **Note**: If you did not enter a password when exporting the certificate, you can ignore this step.
57
58 [[image:ipadzertifikat4.png||width="1000"]]
59
60
61
62 === Signing and encrypting Emails with a Certificate ===
63
64 To be able to use the certificate for signing and encrypting, you have to assign it to your mail account. Open **Settings** -> **Mail** -> **Accounts** and select your e-mail account (in this case we have Exchange).
65
66 [[image:image.png||width="1000"]]
67
68 After that you have to activate the option for signing and encryption. Click on your mytum Email **Account** -> **Advanced Settings**
69
70 [[image:image(1).png||width="1000"]]
71
72 Two options must be visible under S/MIME: **Sign** and **Encrypt**. First select **Sign**.
73
74 [[image:image(2).png||width="1000"]]
75
76 Under **Certificates** you can select your verified certificate.
77 Now take a step back and do the same for **Encrypt**
78
79 [[image:image(3).png||width="1000"]]
80
81 ==== How to send a signed and encrypted e-mail ====
82
83 **Note:** Please make sure that your device is **up-to-date**! You should also restart your device.
84
85 After you have activated the S/MIME options, you should be able to send and receive signed e-mails.
86 You can check whether an email is signed as follows:
87
88 If this **approved** character is present, it means the email is signed.
89
90 [[image:email_signed.png||width="800"]]
91
92 Before you can encrypt e-mails, you must first exchange signed e-mails with your correspondent so that you can receive his/her certificate.
93
94 When you click the email address with an approved character, you should see the following menu:
95 [[image:image(4).png||width="800"]]
96
97 You must then download it and install it.
98 After you have installed it successfully, you should be able to send out encrypted e-mails. If the e-mail is encrypted, it should look as follows:
99
100 [[image:send_encrypted_email.png||width="1000"]]
101
102 == Android ==
103
104 === FairEmail ===
105
106 You must first set up an in.tum account or TUM account on your mobile phone, if you do not already have one. Then send yourself the certificate by email and save it on your mobile phone.
107
108 [[Here>>CIT.ITO.Docs.Services.Certificates.Client Certificate.Export of a user certificate.WebHome]] you will find instructions on how to export the certificate.
109
110 Then open the **Settings** and select **Manage** on the **Main Settings** page under ''Set up Account''. Then click on your email account.
111
112 [[image:Screenshot 2020-04-21 at 15.58.43.png||width="1200"]]
113
114 Click on **Client Certificate** and in the opened window select **Install Certificate**.
115
116 [[image:Screenshot 2020-04-21 at 15.36.19.png||width="1000"]]
117
118 Select the certificate on the mobile phone that you want to install and enter the passphrase for the certificate. You can rename the certificate. Then click **OK**. Then click select the certificate and click **SELECT**.
119
120 **Note**: If you did not enter a passphrase when exporting the certificate, you can ignore this step.
121
122 [[image:Screenshot 2020-04-21 at 15.37.26.png||width="1200"]]
123
124 ==== Select the encryption method ====
125
126 Under **Settings** -> **Encryption** you can set that the e-mails are automatically encrypted if you have the public key of the recipient who has a valid **S/MIME** certificate. You can change this setting each time you send an e-mail.
127
128 [[image:Screenshot 2020-04-21 at 16.21.52.png||width="1200"]]
129
130 ==== Manage public keys ====
131
132 To send an encrypted e-mail, you need the recipient's public key. To do this, the recipient must either send you a signed email or you must save the recipient's public key on the mobile phone.
133
134 ===== Signed E-Mail =====
135
136 When you have received a signed e-mail, click on the **signature symbol** to save the public key. After this step it will be possible to write an encrypted email to this recipient.
137
138 [[image:WhatsApp Image 2020-04-02 at 14.09.24a copy.jpeg||width="500"]]
139
140 ===== Adding new public key =====
141
142 Open **Settings**, then select **Encryption** in the tab and click on **Manage public keys** on the page and then click on the **+** sign to add public keys. You can then close the **Settings**.
143
144 [[image:Screenshot 2020-04-21 at 16.34.12.png||width="1200"]]
145
146 ==== Send signed and / or encrypted email. ====
147
148 We have activated automatic encryption and signing in the settings, which is why **Encrypt** is displayed at the bottom of the program. If the recipient has a valid **S/MIME** certificate and their public key is stored in the program, the email can be sent encrypted. Otherwise you will get the following error message: No public key for. .... @ ....
149
150 Click on **Encrypt** and select how the e-mail should be sent.
151
152 **Note**: If automatic encryption is disabled, ''Sign'' it will appear at the bottom of the program.
153
154 [[image:Screenshot 2020-04-21 at 16.42.41.png||width="1200"]]