S/MIME email support

Secure/Multipurpose Internet Mail Extensions (S/MIME) sign email with a digital signature that verifies where the email came from. If the email client supports it, S/MIME can also encrypt the email.

Enable S/MIME for Apple macOS devices through a configuration profile payload. The payload must include a third-party security certificate for signing and encryption. Self-signed certificates aren't supported.

macOS S/MIME support is configured in the Mail section of a macOS configuration profile.

To configure S/MIME support
  1. In Tools > Modern Device Management > Agent settings, open the macOS configuration profile you want to modify.
  2. In the configuration profile editor, click the Certificates configuration, and click the Configure button if you don't see the configuration options.
  3. Browse for the certificate file you want to add and click Open.
  4. Type the Passphrase associated with the certificate.
  5. Click the Mail configuration, and click the Configure button if you don't see the configuration options.
  6. In the Mail settings section, click the Outgoing mail tab.
  7. Select the Enable S/MIME option, and select the Signing Certificate and Encryption Certificate you added earlier.
  8. Click OK and save your changes.
  9. Deploy the profile.