IMPORTANT TIP - For if for some reason you weren't shown the password page, or you accidentally closed it / refreshed it, and now it won't let you register again... ⇨ What you can do is go to the email message that has the certificate attachment, where it has the "User Code" and "Private Personal Code (CRP)", which I show at 9:40, and use those credentials to log into the certificate management page link (also shown in that email). It might make you create a new CRP code, so do that then log in. In there you'll be able to revoke the first certificate. Then it will let you register for another certificate on the same email. I tried it myself and it worked.
The German Postal Service "Deutsche Post" and it's subsidiary DHL sign (almost) all their emails. However, this doesn't effectively protect the "regular user" from phishing attempts, therefore certificate pinning (→ HSTS) should be added to the S/MIME standard...
3 ปีที่แล้ว +1
This is very helpful! I already having this on my corporate but not on my personal account until i have watch this and implemented on my email clients. Works for Outlook and iPhone, however I can't make it work on Outlook Mobile app on Android. Any suggestions on email client mobile app that will work using personal certificate for Android OS?
Just renewed my Actalis certificate for the first time. Can't believe it's already been a year. Thanks for the excellent tutorial! Edit: Welp, I'm back here again. To anyone wondering, I just followed the same steps in this video, requested a new certificate from Actalis and then replaced my old certificate in Outlook with the new one.
@@Andrew-jw2qs yes, as long as you use an email client that supports it, gmail and outlook web for enterprise supports a cert upload (usually schools use gmail or outlook for enterprises )
Side note: 12:14 If you don't find your certificate in that folder, check Current User\Other People\Certificates. Move that to the folder Joe mentions in the video. You'll thank me when you get to 14:28 - *Setting Up Outlook*
I’m guessing his audience has never used email in a work situation. Email certificates aren’t some rare thing. They’re just not used for normal people to email other normal people. They don’t really serve a purpose in that sense. It’s for when your boss emails you so know it’s actually from him instead of someone spoofing the email address. Yes I know there’s ways to get around the certificate to but that’s a whole new rabbit hole
@@calvinwalker4654 - also, it's more a thing used together with *end-to-end encryption* S/MIME offers. If both sides of a conversation do have their e-mail certificates and then exchange their public keys, they can use the keys to actually encrypt an e-mail content in a way only the recipient can decrypt it. While it can be used to pass secret data by e-mail, it has a downside the mailserver cannot see the content at all, including attachments. So no anti-virus scanning server-side.
This is a very comprehensive explanation. It is well executed and it anticipates questions a person might reasonably have. Seldom one ends up with all one's questions answered. Well done!! And thanks.
For anybody using Linux and wanting to give it a go, here's a quick guide for Gnome Evolution 1. follow Thio until you get the certificate file from the zip attached to your email (up until ~10:00) 2. open Evolution and go to `Edit » Preferences` click on `certificates` at the bottom of the dialog box that opens up. Click on `import` and select your certificate .pfx file 3. now go to `Email accounts` click on `Edit`. On the new dialog box go to the `Security` section, and you'll se a S/MIME section, click on the `Select` button and choose your cert. You're done! now when you want to sign a message, on the email composer just go to `Options » Sign with S/MIME` Inbound signed messages will have a green banner with a wax stamp icon on it
A fabulous video, and you‘ve put so much work into it. I‘m exhausted just from watching! At the moment, the thought of going through this process makes my head hurt, but tomorrow is another day. Thank you so much for this kind of material.
I am not real computer savvy but decided to give this a shot after watching this video. By golly, it worked! Took me some time. I had to rewind the video half a dozen times for each step (I am kind of slow), but I did it! Sent my brother an email first thing, and he caught it. Yes, he was impressed. Thank you
Maybe @@shabd_eg , but i don't really have friends..., i mean why am I here in the first place, beside wasting time, knowing i will just have the cool badge without anybody to show to, well only serve as an ego booster, Welp, that become semi-sad really quick :),
Thank you very much Thiojoe. It works for me under a school serviced email. There was a warning box. Something along the lines of "Windows could not verify this security protocol." At the end of the box, it said something along the lines of, "this could be a security hole, click yes to acknowledge the risks and continue. " I clicked no, and shortly after followed a message of success. How humorous. *Task failed successfully!*
Some corrections: 5:15 the service does bot have to ask the certificate authority. The certificate already tells, that it has checked. By the way it is not the service who checks, but your client app/program. And this is also why Gmail itself does not let import your certificate, because they would need your private part of the certificate, which us very bad, so they forbid it
That's soooooo much nostalgia. I remember playing it in primary school as well as middle school, I even managed to set a high score of 2M points. As far as I know, nobody on both schools has been able to surpass that high score at the time I was there. If someone did after I graduated, I do not know, but when I was there, I was still the #1 in the high score :D
I managed to do this without a computer directly on iOS, it was definitely a hassle and required more intimate knowledge of how to use certificates, but it was a fun challenge. Thanks for the cool video!
@@QuarTheDev I used an online unzip (insecure!) and installed the profile. Activated like normal. Then, I went into the cert and found the CA download, got that and installed it, no issues since.
I had no problem installing the cert but actually attaching it to my email is such a problem! I can't find settings to do this in any app I've used, even Outlook. I guess I'm also using Android though.
The other big plus is if everyone gets a S/MIME certificate, we can begin saving each other’s public certificates already sent in signed messages then we can encrypt messages to each other. Just like PGP or GPG but with much better support.
@@chiragsingla. You can use S/MIME to sign a message and encrypt a message. When you sign a message with S/MIME, your public certificate is sent along with it, to tell the receipient the message really came from you. That recipient can then use that public certificate to encrypt messages sent to you, which you can then decrypt using your private certificate.
Some of you who are experiencing the same problem may find this helpful. After receiving the verified email at 26:22, I freaked it out to find that Gmail said my signature is an unsupported algorithm thus not showing the check verified mark. After a few checking, It turned out that after hit ok at 17:05, I'm supposed to change my default settings to the new profile I've just set up before proceeding to the next step. After that, I resend the email, and it worked just fine.
Hi ThioJoe! As an administrator of a workplace myself, I can confirm that there are policies that can disable the use of S/MIME certificates on Microsoft 365 through the Microsoft 365 Apps Admin Centre. I haven’t deployed this policy but after watching your video, I wanted to see if this was something administrators could do!
These certificates can also be used to enable end to end encryption for email, both users need those certificates, then send unencrypted emails to each other and save each others public keys, after that end to end encryption can be used.
Great video, I never knew this existed. I had some trouble at first with Gmail saying it wasn't a supported algorithm but I changed it a few times and downloaded the other certificate and it worked! :)
@@atharvadeshpande5539 what I did to fix it was change the type of encryption the email used a few times, saved it and sent an email. It still said it wasn't a supported algorithm but then when I switched it back to exactly the type of encryption he said to use it worked and I haven't had a problem.
iOS do not need to use Windows for intermediate cert extraction. After installing your email cert on iOS, go to settings > general > VPN and device management > select email configuration profile > more details > select certificate > certificate authority information access > first URI in list > copy and paste to Safari > get prompt to install intermediate cert. > install in settings as usual
Interested to see all the red question marks in a year when the certificates expire and users forget how to do all this and don't renew it. Then your email looks like spam when it's not. 🤣
Im surprised that big companies like Google, Facebook etc. don't send these certified emails (for example when veryfing an email, changing password etc.)
Thanks ThioJoe! Thanks for making this video it was very easy to follow along. I miss seeing new videos from you but I'm glad that your old ones are still up so we can all refer back to them.
For anyone who happens to be watching in 2024, on iPhone all you have to do is install the cert (At least, on iOS 18 *BETA* at the time of writing). You do not need to import the intermediate or root cert, even though the profile shows as not trusted. Yay for less steps!
3 years later and carriers are starting to screen for verified callers (businesses). IMO this "verified" badge is LONG overdue and would help to avoid fraud.
Hey ThioJoe! 👋 I just came across your video, and I’ve heard Outlook removed that method in 2024. Could you pretty please make an updated tutorial? That would be awesome! Thanks! 🙌
When receiving mail with this certificate, Outlook Web App is saying: "This message has a digital signature, but it wasn't verified because the S/MIME control isn't currently supported for your browser or platform." For Chrome and Edge someone who receives the email and wants to verify the signature needs to install the S/MIME extension, which I think you have to do in registry or group policy.
@@davidadams421 Right, I can install it in my browsers, but I can't install it in the browsers of the people who are receiving my email and getting this message.
For Thunderbird : Click your email address in the left sidebar Click Account Settings Click End-To-End Encryption in the left sidebar Scroll a little bit and click Manage S/MIME Certificates Choose Your Certificates Click Import, and choose the pfx file from the zip file from earlier Click Ok Click Select on the Personal certificate for digital signing Select your certificates (in the top, there is multi select dropdown) and click OK Do the same thing to Personal certificate for encryption Applying it : When you want to send an email, you can select the down arrow in Security from the navbar Click Digitally Sign This Message
Good thing my company has already done all that by issuing a smartcard. Downside is that it's a certificate issued by an in-house certification authority, but I'm not sending too many private emails anyway.
It's obsolete, DMARC superseded it. DMARC works without end user having to conf anything and it works from webmails. The real question is, why don't mail clients instantly junk anything that fails to pass DMARC.
I know a guy from Italy and he says this way of signing emails is common there in workplaces--like signing a letter on paper. That's why it didn't surprise me to find out that only free company is Italian.
Him: "Don't be intimidated by the video length..." Me: Looking at the video length, subtracting half an hour from the time I have left to sleep, closes the video.
I have done it it's reasonably simple. Follow the general steps in the video and then look for specific thunderbird documentation. I guarantee you can set it up in under an hour.
Before watching the whole video. I was thinking about this earlier: "Emails from trusted companies (at least) should be signed, in order to single them out from spam and scam."
IMPORTANT TIP - For if for some reason you weren't shown the password page, or you accidentally closed it / refreshed it, and now it won't let you register again...
⇨ What you can do is go to the email message that has the certificate attachment, where it has the "User Code" and "Private Personal Code (CRP)", which I show at 9:40, and use those credentials to log into the certificate management page link (also shown in that email). It might make you create a new CRP code, so do that then log in. In there you'll be able to revoke the first certificate. Then it will let you register for another certificate on the same email. I tried it myself and it worked.
Thank you so much!
teszt (thanks for the 1 like)
Can anybody tell me how to outlook in windows 7. The browser is chrome.
The German Postal Service "Deutsche Post" and it's subsidiary DHL sign (almost) all their emails.
However, this doesn't effectively protect the "regular user" from phishing attempts, therefore certificate pinning (→ HSTS) should be added to the S/MIME standard...
This is very helpful! I already having this on my corporate but not on my personal account until i have watch this and implemented on my email clients.
Works for Outlook and iPhone, however I can't make it work on Outlook Mobile app on Android.
Any suggestions on email client mobile app that will work using personal certificate for Android OS?
Just renewed my Actalis certificate for the first time. Can't believe it's already been a year. Thanks for the excellent tutorial!
Edit: Welp, I'm back here again. To anyone wondering, I just followed the same steps in this video, requested a new certificate from Actalis and then replaced my old certificate in Outlook with the new one.
Awesome glad the video was of benefit 👍
I am finding it difficult locating the email security on the web of my outlook. But the app says I don’t have an eligible email. What do I do then.
@@talkertivenaija6174 me too tbh
How do you renew it? I had to create a new one when it expired.
@@muki_x You don't renew you get a new one and replace
Who needs a verified Twitter/Instagram when you can get a verified email
I love how a verified user stole your comment.
Me
Yeah, its rare I can flex in front of celebrities for a whole year lol
Hmm
e
I will do this for my school email so that my teachers are absolutely sure that I sent the email
@@Andrew-jw2qs idk, I'm not from the USA so my school has a Office 365 license that every student gets
@@janferenc316 same here in the USA.
did it work for u ?
@@Andrew-jw2qs yes, as long as you use an email client that supports it, gmail and outlook web for enterprise supports a cert upload (usually schools use gmail or outlook for enterprises )
yeah this is big brain time
Cant wait to see all the "official" google employees asking for your info
Hahahaha
we are so screwed lmao
Finally I can be verified for something 😩
YAS
Some people say I'm " certifiable" does that count? Lol
I’m finally verified! I’m important now 🤣
Me too :(
I know the feeling...🥺
Side note: 12:14 If you don't find your certificate in that folder, check Current User\Other People\Certificates. Move that to the folder Joe mentions in the video.
You'll thank me when you get to 14:28 - *Setting Up Outlook*
This is more comparable to the "lock" symbol for HTTPS sites in chrome than the "verified" nike symbol on social media
Functionally you're absolutely right, visually though it looks extremely similar to the latter.
He kinda mentions that about 1:25.
I’m guessing his audience has never used email in a work situation. Email certificates aren’t some rare thing. They’re just not used for normal people to email other normal people. They don’t really serve a purpose in that sense. It’s for when your boss emails you so know it’s actually from him instead of someone spoofing the email address. Yes I know there’s ways to get around the certificate to but that’s a whole new rabbit hole
@@calvinwalker4654 - also, it's more a thing used together with *end-to-end encryption* S/MIME offers. If both sides of a conversation do have their e-mail certificates and then exchange their public keys, they can use the keys to actually encrypt an e-mail content in a way only the recipient can decrypt it. While it can be used to pass secret data by e-mail, it has a downside the mailserver cannot see the content at all, including attachments. So no anti-virus scanning server-side.
True, but your average person doesn’t know that ;)
Currently wasting valuable time of human life for a tick next to my email, now I can boost my ego further. I wonder what the ladies will think.😃
I’ve wasted time on dumber things ¯\_(ツ)_/¯
@@ThioJoe like wut
@@ThioJoe Hahaha love it
@@Not-Divesh Faster internet for free
@@CommandoBlack123 google gives 500mbps download and 900mbps upload for free doe
This is a very comprehensive explanation. It is well executed and it anticipates questions a person might reasonably have. Seldom one ends up with all one's questions answered. Well done!! And thanks.
FANTASTIC!!! I can not believe it worked on the FIRST TRY! Your walkthrough is so good that I did everything correctly and I didn't miss anything!
For anybody using Linux and wanting to give it a go, here's a quick guide for Gnome Evolution
1. follow Thio until you get the certificate file from the zip attached to your email (up until ~10:00)
2. open Evolution and go to `Edit » Preferences` click on `certificates` at the bottom of the dialog box that opens up. Click on `import` and select your certificate .pfx file
3. now go to `Email accounts` click on `Edit`. On the new dialog box go to the `Security` section, and you'll se a S/MIME section, click on the `Select` button and choose your cert.
You're done! now when you want to sign a message, on the email composer just go to `Options » Sign with S/MIME`
Inbound signed messages will have a green banner with a wax stamp icon on it
@@TheWilldrick thanks bro
Great informative vid! Never heard of this until now
Me neither haha!
Me neither haha!
Me neither haha!
Me neith- wait, look at me! I am not like everybody else haha!
Me neither haha!
A fabulous video, and you‘ve put so much work into it. I‘m exhausted just from watching! At the moment, the thought of going through this process makes my head hurt, but tomorrow is another day. Thank you so much for this kind of material.
Sign up for proton mail they offer it as well with their emails
I am not real computer savvy but decided to give this a shot after watching this video. By golly, it worked! Took me some time. I had to rewind the video half a dozen times for each step (I am kind of slow), but I did it! Sent my brother an email first thing, and he caught it. Yes, he was impressed. Thank you
Now I can show off to my friends :3, thankyou Thiojoe 😃, and random people online ☺
You are the showoff Friend in the class
Maybe @@shabd_eg , but i don't really have friends..., i mean why am I here in the first place, beside wasting time, knowing i will just have the cool badge without anybody to show to, well only serve as an ego booster,
Welp, that become semi-sad really quick :),
@@theeyeofomnipotent I feel you on a spiritual level.
@@theeyeofomnipotent I relate but without any context that looks very edgy.
@@theeyeofomnipotent Relate I don't have any friends so I can relate :(
Thank you very much Thiojoe. It works for me under a school serviced email. There was a warning box. Something along the lines of "Windows could not verify this security protocol." At the end of the box, it said something along the lines of, "this could be a security hole, click yes to acknowledge the risks and continue. " I clicked no, and shortly after followed a message of success. How humorous.
*Task failed successfully!*
I feel like im getting educated when i watch ThioJoe's videos-
*Very amazing.*
This is education
Very clear instructional video. My biggest hurdle was getting Outlook to authenticate with Gmail properly.
This video is just so useful and informative, it wasn't boring at all worth giving your time and "patient is a virtue"
You're a legend, Actalis still works today providing free certificates for personal use accounts. Thank you !
Me: sleeps
ThioJoe: hey want to get a cool email
Me: floats to pc
edit: wtf, who gave me these likes
are you living in India?
@@windowsxpprofessional no I live in Canada
@@averagefan2958 ❤️🔥👍
Same here
Hahahhaa
Some corrections: 5:15 the service does bot have to ask the certificate authority. The certificate already tells, that it has checked. By the way it is not the service who checks, but your client app/program. And this is also why Gmail itself does not let import your certificate, because they would need your private part of the certificate, which us very bad, so they forbid it
ThioJoe's TH-cam channel: How Computer class could have been if teachers were capable or you stopped playing 3D Pinball during class.
Correct. -Someone who actually paid attention.
It's still hard for me to believe this guy because he used to do troll tutorials a few years ago and it looked real
@@wrxvv It "looked real" if you were ignorant and thought computers ran on magic (or oil).
That's soooooo much nostalgia. I remember playing it in primary school as well as middle school, I even managed to set a high score of 2M points. As far as I know, nobody on both schools has been able to surpass that high score at the time I was there. If someone did after I graduated, I do not know, but when I was there, I was still the #1 in the high score :D
my school pc had windows 7 but then they switched to chromebooks and had them inside the classroom
Outlook didn't work for me so did it in thunderbird...just as easy. It made my day thanks man. ♥️
I thought I was gonna have to buy the outlook thingy, I just did it on thunderbird thanks for this comment!
I'm giving away my best secrets so please like the video
Also, people who will think this is fake: 🤡
🤨
Hi
When its fake
People: bruh now im mad
2 hours ago?
This badge is way cooler than the TH-cam, Twitter and Instagram badges, change my mind!
I managed to do this without a computer directly on iOS, it was definitely a hassle and required more intimate knowledge of how to use certificates, but it was a fun challenge. Thanks for the cool video!
@@QuarTheDev I used an online unzip (insecure!) and installed the profile. Activated like normal. Then, I went into the cert and found the CA download, got that and installed it, no issues since.
I had no problem installing the cert but actually attaching it to my email is such a problem! I can't find settings to do this in any app I've used, even Outlook. I guess I'm also using Android though.
@@z185284 can you explain how you found the or obtained the Intermediate certificate to install so that the profile cert shows verified?
never mind I worked it out :)
@@thinkhelpservice can you help me
The other big plus is if everyone gets a S/MIME certificate, we can begin saving each other’s public certificates already sent in signed messages then we can encrypt messages to each other. Just like PGP or GPG but with much better support.
Most people aren't wise to that unfortunately
I am confused if you use s/mime won't it encrypt with pub keu automatically and decrypt it ?
@@chiragsingla. You can use S/MIME to sign a message and encrypt a message. When you sign a message with S/MIME, your public certificate is sent along with it, to tell the receipient the message really came from you. That recipient can then use that public certificate to encrypt messages sent to you, which you can then decrypt using your private certificate.
Some of you who are experiencing the same problem may find this helpful.
After receiving the verified email at 26:22, I freaked it out to find that Gmail said my signature is an unsupported algorithm thus not showing the check verified mark.
After a few checking, It turned out that after hit ok at 17:05, I'm supposed to change my default settings to the new profile I've just set up before proceeding to the next step.
After that, I resend the email, and it worked just fine.
thx
*This video is gonna blow up and go insanely viral and I am here all for it* 👌🏻😍🙌🏻
I will get my S/Mime certification asap rn!
Coz this service will go paid anytime now...
@@IMSIDBOSE lol it's still free till now but i think like 200k people tried it
@@greenscreenasshole haha!
Like 16k people for sure! 😂
The Computer King is back👀
Yessirrr 💪😤
njgxgbkh
Hi ThioJoe! As an administrator of a workplace myself, I can confirm that there are policies that can disable the use of S/MIME certificates on Microsoft 365 through the Microsoft 365 Apps Admin Centre. I haven’t deployed this policy but after watching your video, I wanted to see if this was something administrators could do!
Thiojoe not gonna lie u are my favorite tech TH-camr
These certificates can also be used to enable end to end encryption for email, both users need those certificates, then send unencrypted emails to each other and save each others public keys, after that end to end encryption can be used.
"Giving companies money that offer free services for things no one else will".
Well said. I totally agree with you there. You're a good man, Theo.
But 6:06 is where I need to start later, so I can take notes.
It's really a rare content I'm unable to found a single results on Google or YT. you are great. ❤️
This is easily one of the best Thio Joe videos.😎😎😏👍👍
Had a lot of fun following the steps. Great job Joe. 🙂🙂
ThioJoe: "To get a verified Email, it uses the S/MIME protocol".
Me: "I'll go get the mimes"
Also, there is a checkmark in a circle beside his youtube account name. (4)
I like your profile pic
I hope you don't have a kill command in you, do you?
I like how well you researched before making this video.
I just love how your speaker setup still the same for years, lol
ThioJoe: hey guys there's this cool thing.
Indian Scammers: InTeReStInG
oh no
Lol
ThErE iS a ViRuS iN yA cOmPuTer
@@jujujoestar9882 **says with clear indian accent** hEllO mai Naim is KeviN hauw can ai halp yOu
@@existence.5806 Damn so y'all think of us like that huh.
The fact that this wont work while sending on gmail is stupid, but now I know if its important, always send via outlook.
Thank you.
Great video, I never knew this existed. I had some trouble at first with Gmail saying it wasn't a supported algorithm but I changed it a few times and downloaded the other certificate and it worked! :)
uh could u tell me how i am geeting same error
@@atharvadeshpande5539 what I did to fix it was change the type of encryption the email used a few times, saved it and sent an email. It still said it wasn't a supported algorithm but then when I switched it back to exactly the type of encryption he said to use it worked and I haven't had a problem.
REALLY NEED TO JUMP THRU A LOT OF HOOPS
TO DO THIS
I GREATLY APPRECIATE
YOUR EFFORTS.
THANK YOU SO MUCH
iOS do not need to use Windows for intermediate cert extraction. After installing your email cert on iOS, go to settings > general > VPN and device management > select email configuration profile > more details > select certificate > certificate authority information access > first URI in list > copy and paste to Safari > get prompt to install intermediate cert. > install in settings as usual
@@Markuzy yes!
I wish this comment would be pinned!
@@makeacene Agreed!
@@makeacene 100% Agreeeeeddd
Lifesaver
Excellent job ThioJoe. Flawless.
Finally I can feel like I'm more important than someone else.
😂
😂
😂
😂
😂
Interested to see all the red question marks in a year when the certificates expire and users forget how to do all this and don't renew it. Then your email looks like spam when it's not. 🤣
this is the unspoken part ;P
Just set a reminder to update your email certificate the day before it expires
Do you need to pay to renew it after a year has passed?
@@Greatness13 Why would you? Come on. FFS. Just create a new one
Im surprised that big companies like Google, Facebook etc. don't send these certified emails (for example when veryfing an email, changing password etc.)
Thank you very much Joe! Wish you safe and healthy 🙏🏼
My new goal for this summer
Thanks ThioJoe! Thanks for making this video it was very easy to follow along. I miss seeing new videos from you but I'm glad that your old ones are still up so we can all refer back to them.
I can see spam emails using this to their advantage
As always, nothing new
how and why
Hey! I’ve watched the video when It just released, and it worked for me, so I just wanted to come back and say thank you!
For anyone who happens to be watching in 2024, on iPhone all you have to do is install the cert (At least, on iOS 18 *BETA* at the time of writing). You do not need to import the intermediate or root cert, even though the profile shows as not trusted. Yay for less steps!
@@TerrorByteTW I have iOS 18 (public) beta (2) but of I install it it says not verified
Such a great guide, massive thank you!
Thank you for the great information so far
8:55 the certificate providers don't have certified emails themselves.
They lead others to a treasure they cannot possess
It's the moment you know you're in for something fishy... Like the eye surgeons having glasses :)
Good point
Ironic
3 years later and carriers are starting to screen for verified callers (businesses). IMO this "verified" badge is LONG overdue and would help to avoid fraud.
Awesome tutorial works flawlessly. Thank you ThioJoe
Aight, I'ma watch this tomorrow. I have to sleep. :>
Goodnight buddy
Thanks Thio! It worked and have applied them to all my main email accounts. Actalis still offers free S/MIME certs.
lets goooooo it worked thanks man new subscriber
Me after watching 3/4 of the video: ah I see how its extremely rare
I haven't watched this man in 6 years
Hey ThioJoe! 👋 I just came across your video, and I’ve heard Outlook removed that method in 2024. Could you pretty please make an updated tutorial? That would be awesome! Thanks! 🙌
The root certificate will expire on my birthday. That's pretty cool
Soon we will verify our profile pictures,names,ages and address with badge 😀
For that we have IDs
Cool video Joe!
It would be awesome if Let’s Encrypt started supporting S/MIME certificate issuing, rather than just domain certificates.
This is so rare that only thiojoe has this video
im not even kidding, search email verified badge and only this video will show up
yo thanks I’ve been looking to get myself a check mark beside my email thanks joe
This was really fun and honestly didn't take that long. 10/10 would certify my email again.
When receiving mail with this certificate, Outlook Web App is saying: "This message has a digital signature, but it wasn't verified because the S/MIME control isn't currently supported for your browser or platform." For Chrome and Edge someone who receives the email and wants to verify the signature needs to install the S/MIME extension, which I think you have to do in registry or group policy.
You can install it yourself in Edge (admin needs to deploy it within Chrome).
@@davidadams421 Right, I can install it in my browsers, but I can't install it in the browsers of the people who are receiving my email and getting this message.
@@EMiller500 Yes, that's true, though your recipient can if they wish. Not ideal.
LOL - Where I work (5000+ users) I can't imagine even 5% of them even trying! Also, they would have to be using Chrome on a domain device, right?
@@EMiller500 Edge or Chrome, and, yes, you can only deploy group policy to a domain, AFAIK.
Thanks! It worked even after 3 years.
bro how? cannot find the trust centre on outlook
@@mariolatifi9370 gotta install thunderbird now
For Thunderbird :
Click your email address in the left sidebar
Click Account Settings
Click End-To-End Encryption in the left sidebar
Scroll a little bit and click Manage S/MIME Certificates
Choose Your Certificates
Click Import, and choose the pfx file from the zip file from earlier
Click Ok
Click Select on the Personal certificate for digital signing
Select your certificates (in the top, there is multi select dropdown) and click OK
Do the same thing to Personal certificate for encryption
Applying it :
When you want to send an email, you can select the down arrow in Security from the navbar
Click Digitally Sign This Message
Good thing my company has already done all that by issuing a smartcard.
Downside is that it's a certificate issued by an in-house certification authority, but I'm not sending too many private emails anyway.
Please don't forget to make a video about this whenever gmail web allows people to do this!!
"Filtering out the lazy people"
Man this is sounding like some vintage thiojoe
gonna do this before this blows up
😲 wowow thanks thiojoe
Everything perfectly explained, nice video!
Me after school: Should I either do something productive? Watch ThioJoe or watch ThioJoe? The latter please. Edit ThioJoe is productive
Thank you Thio. It is really really informative.
With the rampant abuse of email I'm curious why more people don't use this?
It's obsolete, DMARC superseded it. DMARC works without end user having to conf anything and it works from webmails. The real question is, why don't mail clients instantly junk anything that fails to pass DMARC.
@@aleksandersuur9475 interesting I will check it out. thank you
@@aleksandersuur9475 what? DMARC is not really a replacement for S/MIME, e.g. regarding encryption or am I wrong here?
I know a guy from Italy and he says this way of signing emails is common there in workplaces--like signing a letter on paper. That's why it didn't surprise me to find out that only free company is Italian.
@@EMiller500 makes sense!
I am glad i subscribed. i love this
Him: "Don't be intimidated by the video length..."
Me: Looking at the video length, subtracting half an hour from the time I have left to sleep, closes the video.
It worked for me on IOS beautifully
Would be nice if you showed some instructions on how to do this in Thunderbird since that is a popular Outlook alternative.
I have done it it's reasonably simple.
Follow the general steps in the video and then look for specific thunderbird documentation.
I guarantee you can set it up in under an hour.
Thanks Thiojoe for this video
Who cares about social media when email is verified
I love this guy 😂
the title made me feel like this is an old thiojoe troll video, anw nice vid man!
Before watching the whole video. I was thinking about this earlier: "Emails from trusted companies (at least) should be signed, in order to single them out from spam and scam."
Youre right
scams can verify themselves too
@@TopHCF Not unless they own the email. If it's a spoofed email they won't be able to verify it
I didn't want this in my recommended but i needed it
At 4:33 I was laughing because of the dumb user certificates
Thank you man!
So great work!
I use the latest version of Outlook downloaded from Appstore to macbook. I can't see the Trust option
Should I be worried that the mail from Actalis comes without a signature itself? :-) Nice video, I had fun implementing this.