VIPRE SecureMail is an email security product available only in Denmark that encrypts and decrypts your emails and comes with VIPRE Email Security Cloud. This article will walk you through the process of configuration.
Step 1: Order a Certificate
Before VIPRE SecureMail can be configured for your email encryption, a business certificate will need to be issued to your SecureMail address. If you do not already have one, this certificate can be purchased from MitID Erhverv.
Important
Please note that only your company's LRA/NemID administrator at MitID Erhverv has the right to issue certificates.
- Navigate to https://www.mitid-erhverv.dk/ and log in to your account
- Select Certifikater in the menu
- Click OPRET CERTIFIKATPROFIL
- Fill in the fields Certifikatnavn and e-mailadresse i certifikat
NOTE: "E-mail address in certificate" (marked green) MUST be filled in for it to be used for your SecureMail, and the email address MUST be the secure mailbox email, for example sikkermail@domæne.dk
The certificate name can be anything, but we recommend that the name is relevant to your secure email address.
- Click Certifikater to expand
- Type of Certificate should be set to OCES organisationscertifikat (20,00 D)
- Method of Identification should be set to Bruger-login
- Click to check next to Ja, gå direkte til udstedelse efter bestilling
- Method of Issuance should be set to Internetbrowser
- Click to check next to Foj certifikat til den offentlige certifikatdatabase
- Click Opret Certifikatprofil og bestil Certifikat at the bottom of the page
- A confirmation page will appear; select Bekræft oprettelse
After ordering, you will be logged out of NemID and asked to log in again. The text Du kan nu udstede dit certifikat will appear
- At the bottom of the screen, click Next
- Read the Terms and Conditions and accept them before clicking Next
- You will be presented with a password; please note that this password is chosen by MitID and cannot be changed
You only get one opportunity to see this code, so it is important that you write it down. If you lose the code, you will unfortunately have to order a new one and start over.
- Once the code is written down and/or saved, click Next to automatically download the certificate; if it doesn't happen automatically, you can click the Download certificate button to manually download it
Step 2: Configure VIPRE SecureMail
- Login to VIPRE Email Security portal and select SecureMail towards the bottom on the left side menu
- Under SecureMail, click Domains
- Click Add a Domain
- On the right hand side you will be presented with a drop down menu that will populate with all your existing domains configured on VIPRE Email Security Cloud; select the domain you want to add to SecureMail
- For help adding domains to VIPRE Email Security Cloud, read Add and Verify Domains
- Click Add Domain in the bottom right corner
Your domain has been added to SecureMail. Now, let’s upload your certificate and settings for your domain.
- Click on Add a Mailbox to add a certificate to your domain
- A new window will open in the right side of the screen; ensure type is set to Secure then click Add Certificate
You will now be prompted to either drag and drop your newly acquired certificate or manually locate it on your computer. You will also need the certificate password you received by NemID when ordering the certificate. If you do not have this password, you may need to start over by purchasing a new certificate
- Click Validate to validate the password with the certificate; if the password is correct, the certificate will be uploaded
- Next to Implicit select one of the following:
- None: Will never encrypt from this certificate, however, will still be able to decrypt; this is mainly used for mailboxes where you can receive encrypted messages, but never want to send out from.
- Sign: Will never encrypt from this certificate, but will be signed; signing proves that you are the person sending the message, but it is not considered secure
- Encrypt: Will always try to encrypt; if encryption is not possible the message will fail being sent; this is mainly used for mailboxes where it is of the utmost importance that nothing leaves unencrypted under any circumstances.
- Opportunistic Encrypt: Will always encrypt, if encryption is possible
VIPRE Recommends
If you do not know what you should choose, we recommend using Opportunistic Encrypt for your settings.
- Next to Read Receipts, click to toggle on or off; when on, you will receive a receipt once the mail has been sent that shows the encryption details so you know how it was sent
- Return Marker adds a code to the bottom of the mail that if left undisturbed will make sure that the original sender receives the answer of the mail
- Use as tunnel adds this mail address to your tunnel mail; you can only have one mail address on your tunnel, and it can take up to 24 hours for a tunnelmail to be added, removed or changed; Tunnel makes it possible to send between other companies without thinking who you will send to; if both sender and receiver are in the tunnel, it will be encrypted with highest level security
- Next to Use as default, click to toggle on or off; if sending from an address that does not have a certificate to an address that does have a certificate but are not on SecureMail, then we will automatically encrypt it using the default address information
- Please note that the reply comes back to the default address, and not the original sender, please see “Return marker”
VIPRE Recommends
For your first certificate, we recommend the following settings:
- Implicit: Opportunistic Encrypt
- Read Receipts: Off
- Return Marker: On
- Use as Tunnel: On
- Use as Default: On
- Click on Add mailbox
Please allow up to 24 hours for SecureMail to start working as configured.