Self-service Globalsign S/MIME certificates

University of Waterloo has selected GlobalSign to provide personal S/MIME client certificates. These certificates are used to sign and/or encrypt emails. 

Note: Both the sender and receiver of an email must have previously exchanged public keys in order to send encrypted email. For most clients, it is sufficient for one party to send a signed email, then the recipient to respond to that email with a signed email.

Requesting a Certificate

To request an S/MIME Certificate for your University of Waterloo Email Address, visit the self-service GlobalSign Client Certificate request page and provide the following information.

Common Name: Your Familiar Name (Eg: John Doe, Jane Doe).

Email Address: The email you send as (Eg: jane.doe@uwaterloo.ca, jdoe@uwaterloo.ca).

Pickup Password: Either generate or type a password. You will need to validate your email address once your certificate has been approved.

Please note, this service is not for sending one-time signed email.

Retrieving Your Certificate

When your request has been approved, you will receive an email to pickup your certificate. You will need to enter the pickup password from the request stage. Following this, you will need to enter a certificate password. This password is used for your certificate to sign and decrypt emails, you must save this password or your certificate will be unusable, and you will not be able to decrypt messages sent with that certificate or to encrypt new ones.

Installing Your Certificate

Once you have received your certificate, you will need to configure your mail client to use it. The instructions vary by platform.