I am now on my second computer and will proceed to import the public key I exported earlier from my first dummy account to my second computer. This is similar to what you will have to do when you receive a public key from another individual. You will have to import the key into your keyring before it can be utilized. Luckily, Gpg4win includes a nifty key management utility called Kleopatra that will make this whole import/export process very easy to perform. Here, I will perform a import.
Once I have Kleopatra opened, it will show you every key in your key ring. Here, you can see that I only have one key and that is the public/private key pair for my second email account, pgptester8082@gmail.com. I am now going to import the public key for pgptester808@gmail.com.
I simply click on the Import Certificate button, browse to the certificate location and that’s it! The certificate for pgptester808@gmail.com will then be successfully imported into the key ring and it will be listed in the “Imported Certificates” tab.
At this point, we are almost ready to begin sending encrypted emails with Outlook. We just need to configure one more thing.
Back in Outlook, we need to set one more configuration setting for the Outlook Privacy Plugin and that is to tell it which private key belongs to us. Within Outlook, click on the Add-Ins tab and you will see the mini toolbar for the plugin.
Click on the Settings button and then select the Compose tab. Under the Default Key selection box, we should see our newly created private key. In my case, this would be my first email account of pgptester808@gmail.com. Select it, hit OK and we are done!
Sending Encrypted Email
Finally, we are able to test the encryption system by composing encrypted emails! This test is very simple. I will be composing a email from my second email account (pgptester8082@gmail.com) to my primary account (pgptester808@gmail.com) using its public key. Sadly, we currently can only compose plain text emails using this system. HTML emails are not supported at the moment. Within Outlook, I press and hold down the Shift key while clicking on the New Email button. This lets Outlook know that I am composing a plain text email. I compose my email as usual. However, before sending, I select both the Sign and Encrypt setting located in the upper right corner.
Currently, while I can choose to both sign and encrypt an email, the recipient can only decrypt it and not be able to verify the signature. At the moment, if you want signature verification, you cannot encrypt the email and vice-versa. I’m not sure if this is a bug in the plugin or the fact that I am using Outlook 2013. As the plugin only supports Outlook 2010, this might be the cause. If you are using Outlook 2010, feel free to let me know of your experiences in this regard.
Verifying and Decrypting the Email
I now have received the email. In Outlook, here is how it initially looks like:
To decrypt the email, I simply hit the Decrypt button in the upper right hand corner. I will then be presented with a password dialog box. I need to now enter my passphrase to unlock the private key for my pgptester808 email account. Once done so, the email is then decrypted right in front of your eyes. Voila!
As I mentioned above, I am not able to both sign and encrypt an email. Therefore, I sent another test email with just signature verification. By selecting the email and hitting the Verify button, the PGP signature will be verified by using the sender’s public key. If all is well, you will get an OK return message.
If you want to get rid of the WARNING prompt, you have to personally trust the other party’s public certificate/key within Kleopatra.
In the End…
The method I showed here is probably not the best to incorporate OpenPGP with Outlook. Not only does it not support multiple email accounts and HTML emails but worst part is, I can’t seem to both sign and encrypt an email at the same time! Technically I could do both as a sender but the recipient will only be able to decrypt and not perform signature verification. Of course, the Outlook Privacy Plugin is free of charge so I can’t expect too much. There are paid products to support OpenPGP within Outlook but unless you absolutely cannot live without Outlook, you’re better off using Thunderbird or other open source email clients that have this feature either built-in natively or provided via third party plugin support.
OpenPGP Support in Outlook 2010 and 2013,Consider Also Reading...
Configuring Remote Access for NAS4FreeDue to the immense popularity of my blog article on how to configure a NAS4Free server on a Windows ... 
Sync Your Documents with DropboxIn my quest to find a online sync service that worked for me, I've first decided to try Windows ... 
Sandboxing your Browser for Ultimate ProtectionIt's no question that many of our work that's being accomplished today is composed in our Internet browsers. There's ... 
My Pros and Cons with Ubuntu LinuxDubbed 'Linux for Humans', Ubuntu has a lot to live up to, especially when comparing it to Windows. As ... 
Microsoft's Windows 7 Anti-Piracy UpdateMicrosoft just released a new Windows update for people currently using Windows 7. What does the update do that ... Pages: 1 2
Loading ...
Bypass ISP Video Throttling with a VPN
Configuring Remote Access for NAS4Free
Creating VM Clones in Microsoft Hyper-V
Getting to Know DNS! Part 3
Getting to Know DNS! Part 2
I installed the plugin in Outlook 2010 but when I do the settings for the plugin there is nothing there for setting the location for gpg.exe file. The decript will not work. What did I do wrong or maybe it just will not work with the 2010 Outlook
*sigh* Don’t worry Paul, I’m pretty sure it’s not just you. I’ve concluded that this plugin is just broken and doesn’t work as intended. I’ve just been too lazy to write a note in the article stating so but I’m going to do that right now after typing this reply. I’ve tried just about everything to get one of the newer versions of this plugin to work but to no avail. It’s just either broken or I’m doing something wrong, although I don’t know what that could be considering how sparse this plugin’s options are. The plugin help page isn’t much help either.
The funny thing is that at the time I wrote this article, I actually had it working but that was using an older version of the plugin. The major issue I had was not being able to both encrypt + sign an email along with both decrypting + verifying an email. It was either or but at least the plugin was partially working. With the newer version, just signing an email fails miserably and verification of an email (signed with Thunderbird and Enigmail) fails as well. If you want to, feel free to try older versions of the plugin and see if you have better luck than I.
http://code.google.com/p/outlook-privacy-plugin/downloads/list
For now, I will still keep an eye on this plugin but will not recommended it until all issues are resolved. Sadly, for Outlook, there’s not much free OpenPGP implementations out there.
Hi,
thanks for the great article. I had one question though: how do you import a keyset generated on an other computer for the same user, instead of creating a new set of keys?
Thanks
Hello Majid. Technically, you can import your personal keys onto another computer with the Kleopatra software and the OpenPGP plugin should recognize it within Outlook. Also, I made a slight mistake in the article by showing the key generation process using the command line method. Instead, it is much easier for users to use Kleopatra instead for all of their key management tasks which includes generating new sets of keys along with exporting and importing keys, which is what you are after. Hopes this answers your question!
Hi Simon,
thanks for the feedback. From within the outlook plugin, when i try to set the key to the one to use by default to decrypt inbound messages, sign, verify etc, the plugin (under Add-ins->Settings) does not show me my key, although Kleopatra already imported it. Have you seen that before?
thanks
Majid
After talking with another reader who also wished to implement OpenPGP in Outlook, I am simply giving up on this plugin. It just seems broken. I was going to write a note of this in the article but I simply forgot but I will add it shortly after this. This plugin just has too many problems and quite honestly, I myself don’t know how to solve it. After upgrading to a recent version, everything just doesn’t seem to work anymore. In my original write up, I noted that I couldn’t get the plugin to verify a digital signature and that alone is not acceptable. I made a note of this to the developers when I first wrote the article but have yet to get a response from them.
It does seem that they are continually trying to improve this plugin as they’ve just released a new version (BETA-24). I’m going to give this plugin one more try and hopefully I will get better results. If not, I’m abandoning the plugin altogether. I’m sorry for not being able to answer your original question!
Nice work. I had been missing my Outlook openPGP once I upgraded to Windows 8 and Office 2013 rtm. Once I jumped through the cert and unlock steps in the privacy plugin, it just worked like a charm. Do you mind if I link to your blog post in my FAQ security section?
Thanks again.
Mike
Thanks for the feedback Michael. You can definitely link to my article on your website.
Thank you, Simon, for your excellent write-up!!!
Your welcome Yalo! Hope you got the most out of the article. Enjoy OpenPGP!
Fantastic write-up! I was looking for a way to integrate pgp for outlook 2010 and stumbled across the outlook privacy plugin. Further searching for any reviews or issues with the plugin lead me to your page and this write up. Just went through the process and it all worked fairly seamlessly! A few small comments: For the two gpg commands, I had to look at the screenshot to get it right, as the dashes don’t appear properly in the article. It looks like gpg-gen-key and gpg-export vs gpg –gen-key, etc. Taking a closer look at your screen capture resolved.
Also, and this may be because I’m on an AD domain with exchange, the first time i started outlook and pointed the plugin to the gpg location, it hung. The second time I started Outlook, I went to the exchange server tab and entered my domain name, then back to the general tab to point the location, all went fine from there.
Thanks again!
Hey David, your welcome and thank you for taking the time to give your feedback especially about the dash problem. However, I think that is attributed to my either WordPress itself or my theme because I can assure you that I wrote the double dashes. In fact, if you look at your own comment, it also shows your double dashes as just a singular dash as well! Although it showed as two separate dashes while you typed our your comment in the comment box, I saw the same thing when I wrote my article. This issue also appears when I type in directory or registry locations. It removes the backslash character.
I will make a note at the beginning of the article detailing this issue.
EDIT: I fixed the actual issue by specifying the HTML representation of the dash and backslash character in my post.
Microsoft Outlook 2010 is the latest and advanced version of Microsoft’s email client. Being an IT pro, I like Outlook 2010 mainly because of its whole new set of features like bitness registry keys and MailTips etc. However, like other previous mail clients, Outlook 2010 is also prone to problems. Find here,how to Setup a POP3 Email Account in Microsoft Outlook 2010.