HOME e-mail decryption using S/MIME Top 11 Certificate inspection10 Importing a public certificate Contents German

10 Importing a public certificate

The person you are corresponding with does not always have to send their public certificate when they send signed e-mails to you. You can simply store their public certificate in your certificate administrator - e.g. Kleopatra.

Storing a public certificate

Before you import a public certificate into Kleopatra, you must save it in a file. Depending on whether you received the certificate as an e-mailfile attachment or as a block of text contained in your e-mail, please proceed as follows:

Importing public certificates into Kleopatra

Whether you have saved the public certificate as an e-mail attachment or text block - in both cases, you will be importing it into your Kleopatra certificate administration. To do this, start Kleopatra if the program is not running already. In the menu, click on File -> Import certificate..., search for the public certificate you have just saved and import it. You will receive an information dialog showing the result of the import process:

It displays the imported public certificate in Kleopatra, in a separate tab Imported certificates with the title <Path to certification file>":

This tab is used for checking purposes, since a file can contain more than one certificate. You can close the tab using the Fenster -> Close tab command or via the "Close tab" button on the right side of the window).

Now change over to the tab "Other certificates". You should also be able to see the public certificate you have imported.

Now you have imported someone else's certificate - in this case Adele's public OpenPGP certificate - into your certificate administration. You can use this certificate at any time to send encrypted messages to the owner of the certificate, and to check his signatures.

As soon as you are exchanging encrypted e-mail more frequently and with a larger number of persons, you will likely want to search and import for certificates on globally available key servers. To see how this works, please see Chapter 16 .

Before continuing, an important question:

How do you know that the public OpenPGP certificate really came from Adele? It is possible to send e-mails under someone else's name - in this respect, merely having the sender's name does not mean anything.

So how can you ensure that a public certificate actually belongs to the sender?

This key question related to certificate inspections is explained in the next Chapter 11.

© 31. August 2010, v3.0.0-beta1 (last minor changes from 21. September 2010)
The Gpg4win Compendium is filed under the GNU Free Documentation License v1.2.

HOME e-mail decryption using S/MIME Top 11 Certificate inspection10 Importing a public certificate Contents German