Configure Message Security in OWA 2003

How can I configure e-mail and message security in Outlook Web Access (OWA) 2003?
After installing the online Certificate Authority (CA) and after obtaining a user Digital Certificate signed by your CA you will now need to configure Outlook Web Access (OWA) to use the new message security features.
In Outlook Web Access you will need to install the S/MIME control by downloading it to the computer that you are using to browse.
These features include:

  • Message encryption
  • Message signing

Other benefits are described in the S/MIME Benefits in OWA 2003 article.
Note: These features are only available as part of the Exchange Server 2003 OWA, and are not available on previous versions of OWA.
Note: Before being able to encrypt or sign messages you will need to apply for, receive and install a Digital Certificate designated for this purpose. For more info please see the Related Articles section at the bottom of this page.
BTW, there’s an issue with IE 7 and the S/MIME control found in Exchange 2003. Read more about it and how to fix it in Internet Explorer 7 Crashes when Posting Messages in OWA 2003.
In order to configure Outlook 2003 to use the new message security settings please follow these steps:

  1. Open Internet Explorer.
  2. Type http://server.domainname/exchange in the address field and press Enter.
  3. Type the user name and password in the dialog box.
  4. In the Navigation Pane, click Options.

 

  1. On the Options page, under E-Mail Security, click Download.

 

  1. If a File Download message appears, click Open. If a security warnings appears, click Yes.

 

  1. Click on Save and Close (on the top left corner of the Options screen).

Compose a new message (CTRL+N) or reply to any message (CTRL+R). Notice that 2 new buttons are now visible:

  • The Encryption button
  • The Message Digital Signature button

 

Using Message Digital Signature

In order to use the Message Digital Signature feature you do not need to perform any special action. Just type your message as you would in any regular message, press the “Add a Digital Signature to this message” icon, then press the Send button.

If you send a message to yourself (or to another account you can open) you’ll see that the new message has a Digital Signature icon on the right-hand side of the message window.
 
Clicking on it will bring up a dialog box telling you if the signature was in fact ok, or in case of problems with the message signature – warn you against possible threats.
 

Using Message Digital Encryption

In order to use the Message Digital Encryption feature you will first need to obtain your recipient’s Public Key.
Without going into great detail hare (I will later, on a different article), the Public Key part of a pair of mathematical keys (Public and Private keys) which are used for message encryption and authentication. The Public Key is basically a long string that can be used to encrypt a message, while only the person holding the Private Key will be able to decrypt the message.
In order to encrypt a message that is intended to be read only by David, I will need to ask David for his Public Key, so I will be able to use it to encrypt the message, knowing that there is only one person that holds the key’s pair – the Private Key – and that person is David.
So in order to be able to exchange encrypted messages between myself and David, I will need to first send a Digitally Signed message (see procedure above) to David, thus sending him my Public Key. Next, David will have to reply to my message by sending his Public Key. The moment we both have each other’s Public Keys we will be able to begin sending encrypted messages to one another.
Just type your message as you would in any regular message, press the “Encrypt message content and attachment” icon, then press the Send button.
If by mistake you still don’t have the recipient’s Public Key you will get a warning message telling you that the message cannot be encrypted: