How to send encrypted emails using iOS Mail (iPhone/iPad) ?

10 Mar ‘23

When you wish to send an S/MIME based encrypted email using iOS Mail, your iPhone or iPad needs to be aware of the S/MIME certificate of the recipients, and you must have a valid S/MIME certificate installed in iOS.

You can either manually install an S/MIME certificate on your iOS device, or have it installed by an MDM solution such as Intune or Mobile Iron.

To manually configure your installed S/MIME certificate for iOS Mail, go to: Settings -> Mail -> Accounts -> <Select your account> -> select the account again -> Advanced Settings -> Sign -> <select the available certificate> -> back  -> Account -> Done

When drafting a new email, or replying to an email, iOS Mail does an automated remote fetch of the public S/MIME details of the recipient from a configured (Azure) Active Directory.

If the recipient is not in your AD or AAD, ie someone outside your organization, or you do not make use of an Exchange server you must always locally save the S/MIME certificate of a recipient, prior to being able to send them an S/MIME encrypted email from iOS Mail.

To locally save a person’s S/MIME certificate for iOS Mail, follow these steps:

• request the recipient to send you a digitally signed email using a trusted S/MIME certificate
• once received, tap the trusted signed email sign in the email

• Select “View Certificate”

• Now select “Install Certificate”

Provided you are using an Exchange server with AD or AAD that contains all your company users’ S/MIME certificates, or you have locally saved at some point all your intended external recipients S/MIME certificates, you can now draft an email in iOS Mail, and tap the recipient email address, to enable to option to encrypt the email:

Source: https://support.apple.com/en-us/HT202345