Installing an Email Certificate in Thunderbird
Post Officers and Committee Chairs are given Post e-maIL addresses for OFFICIAL USE. Plain e-mail is naked. Think of a postcard pinned up to the bulletin board at the local market. NO SECURITY. To deal with this issue, people should use email certificates to at least "sign" their email so that the recipient knows it is legitimate and unchanged. Certificates also allow encryption for protecting private information. Here is how to get and install a certificate using Firefox and Thunderbird:
Obviously, your e-mail address is not postmaster so change that to your address when following these instructions. The setup process is actually easy but writing it all down makes it look daunting. Be dauntless as you were when in uniform!
It is assumed you already have Thunderbird installed on your computer. If you have not already installed Thunderbird, go to How to Install and Setup Thunderbird.
- Using your web browser (Firefox) go to Comodo Free Email Certificate
- On the left you should see a "Sign Up Now" button. Click on the "Sign Up Now" button.
- You now must fill in the few pieces of information needed.
- For First Name, use your position (i.e. Postmaster).
- For Last Name, use "VFW Post 12093".
- For the E-mail Address, use your official Post email (i.e. "email@example.com").
- Leave country "United States" and Key Size "High Grade".
- Choose a revocation password. I encourage you to use the password for your email account.
- Choose whether to opt in for Comodo's advertising.
- Click on "Accept" for the license terms.
- Click on "Next" which will generate the encryption key pairs and the certificate.
You will be quickly taken to a screen congratulating you on creating a certificate and telling you instructions have been emailed to the address you entered.
- Start Thunderbird and go to the email address for which you created the certificate.
- If you chose to opt in to the Comodo mailings, there will be an email with a link for you to click on to confirm the email address.
- You should also have an email from Certificate Customer Services
entitled "Your certificate is ready for collection!" Open that email.
- In the email, there will be a button labelled "Click & Install Comodo Email Certificate". Click on that button.
- This will take you back to your browser window saying you are attempting to retrieve the certificate. You should get a pop up window telling you the certificate was successfully installed.
The certificate is installed in Firefox. We need to copy it to Thunderbird.
- In Firefox at the upper right, you should have a set of 3 horizontal lines. Left mouse click on those lines.
- You should get a pop up window. Click on "preferences".
- On the left, you should have several options. Click on "Advanced".
- Across the top you have several options, click on "Certificates".
- Click on the "View Certificates" button at the bottom left of the verbiage.
- At the top of the pop up screen, ensure you are on "Your Certificates".
- In the body of the window, you should see a list of certificates (perhaps only one). Find the one that shows E= and the email address for which you just created the certificate.
- Highlight that certificate and then click on the "Back up..." button at the bottom of the list.
- Chose the location and name of the back up file you will create. I use the year and the email address without any punctuation or the @ symbol (i.e. "2017postmastervfwpost12093com")
- The system adds the correct extension after the dot and then asks you to enter twice a "backup password". I use the same password I set for revocation; the email password.
- This creates a backup where you specified with the name you specified.
Now we install the certificate into thunderbird.
- Open Thunderbird.
- You should see a pane on the left with a list of your e-mail account configurations. Right mouse click the account to secure (i.e. "firstname.lastname@example.org").
- Left mouse click on "Settings". This should let you configure the account.
- Left mouse click on "Security" under the email address on the left.
- On the right, click on "Manage Certificates".
- You should get a very similar pop up window to the one we saw in Firfox. Ensure you are on the "Your Certificates" tab.
- Click on "Import..." at the bottom.
- Go to the location of your back up file and select it. (i.e. "2017postmastervfwpost12093com")
- Click "Open".
- You will be asked for the password you created when you backed up the file. (i.e. Email password) Enter it and click on "OK".
Now that you have the certificate in Thunderbird you want to tell Thunderbird how to use it.
- On the same security page above the "Manage Certificates", you have two fields. One for Digital Signing and one for Encryption. We want to set up both.
- Under Digital Signing, click on the "select" button.
- A pop up window will appear. At the top is a pull down with all your certificates. In the field below is the details including the email address. It should already have found the certificate we just imported.
- Click "OK".
- A pop up should appear asking if you want to use the same certificate if someone sends you an encrypted message. Click on "Yes".
- Both the Digital Signing and Encryption fields should now have your certificate listed.
- You will want to click on the "Digitally sign messages (by default)" check box under the Digital Signing Certificate field.
- You will want to select the "Never (do not use encryption)" radio button under the Encryption certificate field.
- These last two options will cause you to digitally sign anything you send unless you override it for a specific message in the creation window and not encrypt unless you overrride that similarly.
- All done. You can close any open windows.