How to request and download a GlobalSign S/MIME certificate

Owned by Natasha Jennings
Last updated: Nov 10, 2023 by Palak Chauhan
2 min read

The University of Waterloo has selected GlobalSign to provide personal S/MIME client certificates. These certificates are used to sign and/or encrypt emails. 

How to request a S/MIME certificate

To request an S/MIME Certificate for your University of Waterloo email address, visit the self-service GlobalSign Client Certificate request page and fill in the required fields below:

How to fill out the required fields

  • Common Name: Your Familiar Name (e.g. John Doe).

  • Email Address: The University email you send messages from (e.g. jdoe@uwaterloo.ca or john.doe@uwaterloo.ca).          

  • Pickup Password: Either generate or type a password. You will need to validate your email address once your certificate has been approved.

    • The recipient will need the “Pickup Password” to complete the certificate installation. Please provide the Pickup Password in a secure and out-of-band method. You will not be able to download the S/MIME certificate if the password is forgotten. There are no retrieval processes for this password, another request needs to be submitted.

 

The certificate must be issued to the same email you are sending from. If the certificate was issued to your friendly email (e.g. firstname.lastname@uwaterloo.ca), please enter it into the Full Email Address field, otherwise you can enter your 8-character username @uwaterloo.ca (e.g. j25rober@uwaterloo.ca).

How to download a S/MIME certificate

When your request has been approved, you will receive an email to pickup your certificate. You will also receive a link to start the certificate download and installation process.

  1. The link will take you to the Certificate Pick-up site where you will be required to enter your pick-up password (from above) and press Next.



  2. You will need to create a certificate password. This password is used to sign and decrypt emails.

You must save this password or your certificate will be unusable, and you will not be able to decrypt messages sent with that certificate or to encrypt new ones.

3. After the certificate password is created, you can follow the link provided on the webpage to download the certificate.