Webmail: Encrypting Email Using AKO

How do I encrypt an email?

This FAQ describes how to encrypt an email with the AKO Webmail. To encrypt emails within an external email client, contact your local IT Team or the external email client’s help desk.

To encrypt emails, you must have S/MIME enabled and your signing certificate selected in webmail. Once you have that selected, you will then need to download and import the recipients email certificate into Internet Explorer. Then you can follow the steps to send an encrypted email to the email recipient.

Note: The signing certificate on your CAC must match your AKO/DKO username to digitially sign and encrypt webmail within AKO/DKO. For instructions on how to update your signing certificate, please Updating the Email Address on your CAC.

Enable S/MIME

Enable S/MIME and select your signing certificate on your account. For further information Digitally Signing and Encrypting Emails.

Download Recipients Email Certificate

  • Go to https://dod411.gds.disa.mil/
  • Search for the person using the search tools.
  • Click on the person’s last name.
  • Click on ‘Download Certificate(s) as .cer file (Non-Outlook Users)
  • Click on ‘Hardware (CAC) Certificate for [person’s email address here] valid until [valid to date here].
  • Save the file to your desktop.

Import Recipients Email Certificate

  • Click on ‘Tools‘ within Internet Explorer.
  • Click on ‘Internet Options’.
  • Click on the ‘Content’ tab.
  • Click on ‘Certificates’ within the ‘Certificates’ section.
  • Click on the ‘Other People’ tab.
  • Click on ‘Import’.
  • The “Certificate Import Wizard” will appear, click on ‘Next’.
  • Click on ‘Browse’ and locate the certificate on your desktop.
  • Click on ‘Open’.
  • Click on ‘Next’.
  • Click on ‘Next’.
  • Click on ‘Finish’.

Encrypt the Message

Webmail Classic:

  • Log into Webmail Classic.
  • Click on ‘Compose’.
  • Type up the message to the recipient.
  • Ensure the check box “Encrypt Message” is checked.
  • Send Message.

Webmail 2.0:

  • Log into Webmail 2.0.
  • Click ‘Write’ on the horizontal tool bar.
  • Click ‘Security’ on the horizontal tool bar.
  • Select a Signing Certificate.*
  • Check ‘Encrypt.’

*If you do not have the option to choose a signing certificate, do the following:

  • Clear your temporary internet files (cache). On your internet browser bar, go to Tools > Internet Options > Browsing History > Delete.
  • Close all internet browsers, open back into Webmail 0, and try again.
  • If this does not work, please try Webmail Classic. Signing and encrypting works intermittently if you are in Internet Explorer 7.

Leave a Reply

Your email address will not be published. Required fields are marked *