Use personal certificates in Mail
If you want to send and receive signed and encrypted messages, you need a personal certificate.
Step 1: Obtain a certificate
For each email address you want to use to send signed messages and receive encrypted messages, request a certificate from a certificate authority (CA).
Step 2: Import the certificate
To import the certificate into Keychain Access, double-click the certificate file you received from the CA. Once you import your certificate, it should be listed in the My Certificates category in Keychain Access.
The certificate file must have a file extension that indicates it contains certificates—such as .cer, .crt, .p12, or .p7c—or Keychain Access can’t import it.
If Keychain Access can’t import the certificate, try dragging the file onto the Keychain Access icon in the Finder. If that doesn’t work, contact the CA to ask if the certificate is expired or invalid.
Step 3: Use the certificate
Open your certificate in Keychain Access and make sure its trust setting is Use System Defaults or Always Trust. Now you can use the certificate to send and receive signed and encrypted messages.
Note: If for some reason your certificate isn’t associated with your email address, or you want to use the certificate with a different email address, Control-click the certificate in Keychain Access, choose New Identity Preference, and provide the requested information.
To use your certificate on another Mac, import the certificate into Keychain Access on that Mac.