Importing and using your Email or Personal Authentication certificate with Djigzo for Android

Djigzo is a third party mobile application that provides S/MIME services which are missing from the native Android OS. Once you have installed Djigzo and imported your CPAC, Djigzo will work alongside your chosen mail application to help you send and receive secure mail.

This document explains how you can import, configure and use your CPAC on Android devices using Djigzo App.

If you originally downloaded your certificate to your desktop or laptop then you first need to export it using one of the browsers listed on the CPAC main page. When doing this, please make sure you export the private key and include all certificates in the certificate path if possible. You must also specify a strong password to protect the certificate file.

Once exported you can email the certificate file to your Android device or transfer it in some other manner (for example, copy to a USB drive or upload then download from online storage).

Importing your certificate into Djigzo:

  1. Open the Djigzo app and touch the menu button on the device.

  2. Tap 'Import Keys'.

  3. Use the browse button to locate and choose the certificate you want to import:

  4. Enter the password you set up for the certificate when it was exported then press the 'Import Keys' button to begin the import process.

  5. Next, enter the password for the key store that was set during the first certificate import. Note: This key store password is different from the password used for importing certificates.

    The certificate will be imported and you will see a confirmation message:

    The imported certificate can be viewed in the Certificate & Keys screen:

    The certificate can now be used for signing and encrypting messages for the account that you have configured on the device.

Signing and Encrypting Mails

Background Information:

  • Signing an email ensures the recipient knows the email has come from you and informs them that it has not been modified in transit.

  • Encrypting an email ensures that only the recipient can read the email content and attachments.

    Note: In order to encrypt mail, you must first have your recipient’s email certificate in your certificate store. To obtain their certificate, you need to get your contact to send you a digitally signed email.

    Upon receipt of the signed mail, tap the certificate download button in your mail client. Djigzo will then automatically open and offer to import the certificate for you. Make sure the 'Certificates' store is selected then touch the 'Import Certificates' button to begin importing.

After import is complete, you need to assign the certificate to your mail account

Assign the certificate

  1. Open Djigzo and access 'Settings'.

  2. Tap Account in the settings screen then select the mail account which matches the certificate you imported earlier:

  3. In 'Account settings', tick the Sign and Encrypt check-boxes. Once these are enabled, Android will offer you the opportunity to sign and/or encrypt mail on a per-message basis.

    Next, tap 'Select signer...'.

  4. Long press on the certificate that you want to assign to the mail account

  5. Touch 'Select' to confirm your choice.

The certificate you selected will be used by Djigzo to sign and encrypt mail for your account.

To sign and encrypt mails

  1. Open Djigzo and tap 'Compose message'.

  2. Compose your email and attach files as usual. Enable the 'Sign' and/or 'Encrypt' check-boxes and press 'Send'.

  3. Djigzo requires password authorization to access your certificate. Enter the key store password and tap 'OK'.

The message will be sent.

Viewing signed and encrypted mails

When a signed and/or encrypted mail is received by your Android mail client, it will have a .p7m attachment. If the mail is only signed, then Djigzo will verify the signature and your mail client will display the message as usual. If the mail is encrypted then Djigzo will require you to enter your certificate password so it can decrypt the message.

  1. Select the encrypted mail and tap the 'Preview' button.

  2. The encrypted message will automatically be opened by Djigzo.

  3. Enter the key store password and tap 'OK'.

  4. The decrypted message will be displayed in Djigzo.

Contact an Expert

Contact us for consultation on your security needs test.

Contact an expert