Setting up a certificate on a mobile device

Last modified by Aysegül Omus on 2024/06/25 13:31

How can I install my CIT certificate on a mobile device?

iPhone

Sending the certificate to your iPhone and installing it

Here you will find instructions on how to export the certificate.

You can copy the certificate to your mobile phone via email. To do this, send yourself an e-mail with the certificate.

emailcert.png

Open the certificate in the attachment and install it on your mobile phone.

Screenshot 2020-04-15 at 22.53.40.png

For the password, enter the certificate backup password that you selected when you exported the certificate.

Screenshot 2020-04-15 at 22.09.30.png

You can see installed profiles (certificates) on the iPhone under Settings -> General -> Profiles.

IMG_1716.PNGneu.PNG

In order to be able to use the certificate, you have to assign it to your mail account. Open Settings -> Passwords and Accounts and select your e-mail account.

Then click on Advanced and select your certificate for signing and encrypting. If you only want to sign the e-mails, you can leave Encrypt by default deactivated.

Screenshot 2020-04-15 at 22.14.19.png

iPad

Download the certificate to your iPad and install it

Here you will find instructions on how to export the certificate.
You can copy the certificate to your iPad via email. To do this, send yourself an e-mail with the certificate.

Open the attachment of the e-mail and select Save to files under Settings in the top right corner.

ipadzertifikat1.png

Click on the saved certificate to save it in Profiles.

ipadzertifikat2.png

Go to Settings -> General -> Profiles and select the certificate there and click Install.

ipadzertifikat3.png

Then first enter the device password and then the password that you selected during export.
Note: If you did not enter a password when exporting the certificate, you can ignore this step.

ipadzertifikat4.png

Signing and encrypting Emails with a Certificate

To be able to use the certificate for signing and encrypting, you have to assign it to your mail account. Open Settings -> Mail -> Accounts and select your e-mail account (in this case we have Exchange).

image.png

After that you have to activate the option for signing and encryption. Click on your mytum Email Account -> Advanced Settings

image(1).png

Two options must be visible under S/MIME: Sign and Encrypt. First select Sign.

image(2).png

Under Certificates you can select your verified certificate.
Now take a step back and do the same for Encrypt

image(3).png

How to send a signed and encrypted e-mail

Note: Please make sure that your device is up-to-date! You should also restart your device.

After you have activated the S/MIME options, you should be able to send and receive signed e-mails.
You can check whether an email is signed as follows:

If this approved character is present, it means the email is signed.

email_signed.png

Before you can encrypt e-mails, you must first exchange signed e-mails with your correspondent so that you can receive his/her certificate.

When you click the email address with an approved character, you should see the following menu:
image(4).png

You must then download it and install it.
After you have installed it successfully, you should be able to send out encrypted e-mails. If the e-mail is encrypted, it should look as follows:

send_encrypted_email.png

Android

FairEmail

You must first set up an in.tum account or TUM account on your mobile phone, if you do not already have one. Then send yourself the certificate by email and save it on your mobile phone.

Here you will find instructions on how to export the certificate.

Then open the Settings and select Manage on the Main Settings page under ''Set up Account''. Then click on your email account.

Screenshot 2020-04-21 at 15.58.43.png

Click on Client Certificate and in the opened window select Install Certificate.

Screenshot 2020-04-21 at 15.36.19.png

Select the certificate on the mobile phone that you want to install and enter the passphrase for the certificate. You can rename the certificate. Then click OK. Then click select the certificate and click SELECT.

Note: If you did not enter a passphrase when exporting the certificate, you can ignore this step.

Screenshot 2020-04-21 at 15.37.26.png

Select the encryption method

Under Settings -> Encryption you can set that the e-mails are automatically encrypted if you have the public key of the recipient who has a valid S/MIME certificate. You can change this setting each time you send an e-mail.

Screenshot 2020-04-21 at 16.21.52.png

Manage public keys

To send an encrypted e-mail, you need the recipient's public key. To do this, the recipient must either send you a signed email or you must save the recipient's public key on the mobile phone.

Signed E-Mail

When you have received a signed e-mail, click on the signature symbol to save the public key. After this step it will be possible to write an encrypted email to this recipient.

WhatsApp Image 2020-04-02 at 14.09.24a copy.jpeg

Adding new public key

Open Settings, then select Encryption in the tab and click on Manage public keys on the page and then click on the + sign to add public keys. You can then close the Settings.

Screenshot 2020-04-21 at 16.34.12.png

Send signed and / or encrypted email.

We have activated automatic encryption and signing in the settings, which is why Encrypt is displayed at the bottom of the program. If the recipient has a valid S/MIME certificate and their public key is stored in the program, the email can be sent encrypted. Otherwise you will get the following error message: No public key for. .... @ ....

Click on Encrypt and select how the e-mail should be sent.

Note: If automatic encryption is disabled, ''Sign'' it will appear at the bottom of the program.

Screenshot 2020-04-21 at 16.42.41.png