Email Certificates (S/MIME)

Q: Does the recipient also need an S/MIME certificate to read encrypted emails?

For encrypted emails: yes, the recipient needs a compatible certificate. For signed emails: no, anyone can verify the signature.

S/MIME certificates protect your emails against forgery and interception. With an email certificate you can digitally sign all outgoing messages (proving you are the sender) and encrypt emails to specific recipients.

What can you use S/MIME for?

Digital signing

✓ Confirms the email came from you
✓ Shows your name and email address in the recipient's mail client
✓ Protects against email spoofing and phishing

Encryption

✓ Encrypts the email content end-to-end
✓ Only the recipient with the correct key can read it
✓ Required for sending sensitive data (account details, personal information)

Supported email clients

Microsoft Outlook (Windows and Mac) Apple Mail (iOS and macOS) Thunderbird Gmail (via plugin) All standard S/MIME-compatible clients

Certificate types

Product	Validation	Covers	Price
GlobalSign PersonalSign 1	DV	Email only: personal signing and encryption	€54/year
DigiCert Secure Email for Individual	DV	Email only (+2 free SAN)	€67/year
DigiCert Secure Email for Business	OV	Company name + employee name/pseudonym + email(s) (+3 free SAN)	€128/year
GlobalSign Qualified Electronic Signature	EV	Qualified electronic signature (QES) on QSCD USB device	€536/year
GlobalSign Qualified Electronic Seal	EV	Qualified electronic seal (QESeal) on QSCD USB device	€1,160/year

Shared mailboxes: For shared mailboxes (e.g. support@company.com) we recommend DigiCert Secure Email for Business with a pseudonym (e.g. Sales or TechDepartment). The pseudonym must not contain spaces.

Email certificates

DigiCert Secure Email for Individual

DigiCert email certificate for individuals. S/MIME encryption.

from €66 /year See details →

Secure Email for Business

DigiCert email certificate for businesses. OV validation.

from €127 /year See details →

GlobalSign PersonalSign1

GlobalSign PersonalSign. Email signing and encryption.

from €53 /year See details →

See all products with prices →

Frequently asked questions about email certificates

Find answers to the most common questions about SSL certificates and FairSSL.

Is S/MIME the same as PGP?

Both use encryption but are incompatible standards. S/MIME is the most widely deployed in enterprise environments and is supported natively in Outlook and Apple Mail without plugins.

Does the recipient also need an S/MIME certificate to read encrypted emails?

For encrypted emails: yes, the recipient needs a compatible certificate. For signed emails: no, anyone can verify the signature.

Does S/MIME work with Microsoft 365 / Exchange Online?

Yes. Microsoft 365 supports S/MIME natively. You upload the certificate in Outlook web settings.

Is the Danish "Tunnelmail" the same as S/MIME?

No. Tunnelmail is a Danish infrastructure for secure domain-to-domain email (often via forced TLS). S/MIME provides end-to-end encryption down to the individual user's inbox.

Is the Danish "Sikker Mail" the same as S/MIME?

Technically yes, "Sikker Mail" in Denmark relies on the S/MIME standard. However, the Danish public sector requires specific OCES3 (MitID Erhverv) certificates and typically does not trust standard international S/MIME certificates from providers like DigiCert or GlobalSign out-of-the-box.

Can I use standard S/MIME to communicate with the Danish government?

Generally no. To send secure email to Danish public authorities, you must use a MitID Erhverv certificate, an approved Danish SikkerMail gateway solution, or simply use the official Digital Post system (Virk.dk / e-Boks).

Can Danish MitID Erhverv certificates be used for S/MIME?

Yes, a MitID Erhverv OCES3 certificate is technically an S/MIME certificate and can be installed in Outlook to encrypt and sign emails.

Protect your most important emails

Create a free account and issue your first certificate in under 10 minutes.

Create free account Compare certificates