ManualsPro SIEMENS SIEMENS E-Mail Encryption with Business Partners User Guide

SIEMENS E-Mail Encryption with Business Partners User Guide

June 9, 2024
SIEMENS

siemens logo **E-Mail Encryption with Business Partners
User Guide
** E-mail encryption with business partners
(Guideline for business partners)

Intention of the document:

This guideline is written for Siemens business partners who need to communicate with their partners at Siemens via encrypted emails. It describes the system requirements  and the necessary configurations (Outlook and Windows) to enable a secure communication (signed and/or encrypted emails). It shows especially the possibilities for key  exchange. Please contact your Siemens partner if you have any problems.

Prerequisites on business partner side

2.1 Certificates:
The business partner needs certificates to send encrypted e-mails.
There are different standards for certificates. X.509(S/MIME) is supported by Microsoft Outlook and many other programs, therefore this standard should be used for  secure communication. Because of this reason all Siemens employees are equipped with their own X.509 certificates. PGP is only supported as a sideline and is available for  Siemens employees only on demand.
If your organization has its own trust center or your company is using a public trust center it should be used to obtain certificates. A few known public trust centers which are already listed in the Siemens IT infrastructure are:

2.2 Prerequisites for Software:
To encrypt with X.509 certificates your e-mail program has to support this standard. Also it has to evaluate the “key usage” field in the certificate. Outlook (since version  2003) already contains an encryption functionality which is compatible to the Siemens PKI and can be used without any further installation.
The following user guideline describes which steps have to be taken before a business partner and a Siemens employee can exchange encrypted and signed emails on the example of Outlook 2003. Therefore it is necessary that the business partner has installed his certificates in his e-mail program.

Possibilities for certificate exchange

Depending on the number of communication partners, different possibilities for certificate exchange are useful.
These alternatives can be applied:

  • Basically the usage of the Siemens external repository is recommended. This is a directory service for PKI keys in the Internet. It enables secure communication with every  Siemens employee. This repository contains the latest certificates of Siemens employees. After setting up of the repository, no separate key exchange is needed any more. But  it must be possible to send LDAP request over the internet. Otherwise this option is not possible. Please contact your network administrator in case of problems with LDAP-requests.
  • If the usage of the Siemens external repository is not possible or the business partner does not have a repository on the Internet, certificates must exchanged manually.

Guideline for business partners:

„Outlook Native encryption“

4.1 Transfer of own certificates to the Siemens partner
This paragraph describes how a business partner can transfer his own certificates to a Siemens employee.
Check out if the Siemens employee is able to send you an encrypted e-mail. If this is possible, no other actions have to be taken because a direct access to the directory service of your organization is possible.
If this is not the case, please send a signed e-mail to your Siemens partner. Please check the following settings so that he can access your certificates from your e-mail:

  • Open Outlook and the menu Tools Options, in the tab security click below “encrypted emails” on “Settings…”
    (Since Outlook 2007: Tools Trust Center in the Section „E-mail Security”)
    Activate in the following window “Change Security Settings” (Since Outlook 2007: on “Settings…”) the option “send these certificates with signed messages”

  • Close all  windows with “OK”

  • Send a signed e-mail to your Siemens partner. In such an e-mail all your certificates which are necessary for a secure communication are added automatically.

4.2 Transfer of Siemens certificates to a business partner
4.2.1 Usage of the Siemens external repository or http directory service of Siemens or the European Bridge-CA
4.2.1.1 Siemens Root Signing
Root signing certificates are certificates that you can use to sign other certificates that are linked up to a trusted root certificate. Since Siemens has its own Certification Authority the certificates of a Siemens employee are usually valid at the business partner.
4.2.1.2 Integration of the Siemens External Repository
The usage of the Siemens External Repository is generally recommended. It is possible to access all certificates of Siemens employees from the Internet.
Once the External Repository is installed, no further key exchanges are necessary. Make sure that the integration of the repository is not blocked by your Firewall policies.

Follow these instructions for the integration:SIEMENS E Mail Encryption with Business Partners - app1

  • Open the Outlook menu Tools
    E-mail Accounts.
    (Since Outlook 2007: Tools Account Settings in the tab “Address Books”)

  • Choose the Radio-Button “Add a new directory or address book” (Since Outlook 2007: On “New…”)

This wizard will allow you to change the e-mail accounts and directories that Outlook uses.

  • Choose “Internet Directory Service (LDAP)”.SIEMENS E Mail Encryption with Business Partners - Service
  • The Server name is: “cl.siemens.com“. Click on More Settings.SIEMENS E Mail Encryption with Business Partners - More Settings
  • Change to the tab “Search” and enter the Search base: “o=Trust center”.
  • Continue with OK.
  • Click in the previous Window Finish.
  • Note: It is necessary to restart Outlook to use the directory service.SIEMENS E Mail Encryption with Business Partners - directory service
  • At the end it is necessary that the directory services are in the right order in the address Book. Please open your address book
  • Click on “tools” and then on “Options”
  • Make sure that the directories are in the right order.SIEMENS E Mail Encryption with Business Partners - directory service1

4.2.1.3 HTTP Directory or European Bridge CA
 Siemens is providing a HTTP Directory service where Certificates of all Siemens employees can be downloaded via the following link: http://cl.siemens.com
Above that is Siemens a member of the European Bridge-CA. That is why you can get all certificates of all Siemens employees via the HTTP-Directory Service of the  European Bridge-CA, too. This HTTP-Directory Service can be found here: https://www.ebca.de/en/tools/finding-certificates/
To find a certificate, just enter the email address of the employee and save all offered certificates to your hard drive. If the saved certificates are .cart-Files you must change it into .cero-Files because the other files are not supported.
In order for Outlook to use these downloaded certificates, you need to add them to an Outlook contact. Follow these instructions to add a certificate to a contact:

  • Open your Outlook contacts and the contact of the Siemens employee you want to communicate with securely.SIEMENS E Mail Encryption with Business Partners - Outlook
  • Choose the tab “Certificates” and click on Import.
  • Choose the directory in which you saved the downloaded certificates and mark them for import.
  • Leave the contact via Save and Close.
  • Redo this for all Siemens employees you want to communicate with securely.

4.2.2 Manual certificate exchange via signed e-mail
If you cannot use the European Bridge-CA, p

lease ask your communication partner at Siemens to send you a signed e-mail.
After you have received the signed e-mail you should be able to communicate securely with the Siemens employee. Normally there are no further actions necessary. If there appears a “Digital Signature: Invalid” reference, please follow the instruction below.
Follow these instructions if you have received a signed e-mail with a “Digital Signature: Invalid” reference:

  • This window opens if you receive a signed email, whose Root-CA Certificate was not yet imported. ****
  • To import the CA-Certificates that come with the signed email, click on Trust afterwards a “Security Warning” appears, that asks you to verify the fingerprint of the certificate.SIEMENS E Mail Encryption with Business Partners - Certificates
  • Click on YES to import this certificate into your Windows Certificate Store.
  • Click with your right mouse-button on the Sender’s email address.
  • Choose the menu option Add to Contacts. Hereupon the contact window with the user’s details opens. Open the “certificate” tab and check if the certificates were imported.
  • Leave the contact via Save and Close.
  • Repeat this for all the business partners you want to communicate with securely.

Note: The signatures of the business partners will only be displayed as valid after opening the e-mail again.

Final settings for first usage in Outlook

To use e-mail encryption now the right certificate and the suitable encryption mode has to be chosen. Please consider that you can ignore this chapter if you have already installed and used e-mail encryption before on your system.

Please follow these steps:

  • Start Outlook
  • On Tools Options on the tab „Security“ you can find information to send encrypted e-mails. Click on  “Settings”, located next to “My S/MIME Settings”SIEMENS E Mail Encryption with Business Partners - Start Outlook
  • Choose the suggested certificate right next to „Signing Certificate“. Then choose a encryption algorithm. Siemens demands “3DES” here. Close everything with „OK“. If “3DES” is not available, it could happen that a weaker encryption method will be used. In this case the email cannot be read by Siemens employees. To solve this problem, please contact your Siemens partner and refer to the corresponding manual for Siemens employees.SIEMENS E Mail Encryption with Business Partners - More Settings1
  • Close Outlook and restart it to assume the changes.

siemens logoCorporate Information Technology
Date: 2013-07-15
Document type: user description
Version: 3.2
Author: Editorial team PKI
cio.siemens.com
E-mail encryption with business partners
Date 2013-07-15
©Siemens AG 2013
Author CIT G ISEC

Read User Manual Online (PDF format)

Loading......

Download This Manual (PDF format)

Download this manual  >>

SIEMENS User Manuals

SIEMENS QFA3150 Humidity and Temperature Sensor Instruction Manual
SIEMENS
SIEMENS SITOP PSU200M Instructions
SIEMENS
SIEMENS 400A and 600A Panel Board Switches Instruction Manual
SIEMENS
SIEMENS VNT Virtual Network Tunnel Instruction Manual
SIEMENS
SIEMENS 11061519 Remote Scan Control User Manual
SIEMENS
SIEMENS BI710E1B1 Accessory Drawer User Manual
SIEMENS
SIEMENS PXC7 Automation Stations Instruction Manual
SIEMENS
SIEMENS PXC5.E003 System Controller Instruction Manual
SIEMENS
SIEMENS 599-10071 Weather Shield Adaptive HVAC Supplies Instruction Manual
SIEMENS
SIEMENS A-Series Industrial Electric Actuator Instructions
SIEMENS
SIEMENS QBE3190UD25 Wet Differential Pressure Sensor Instruction Manual
SIEMENS
SIEMENS 536-811 Bracket Mounted Duct Temperature Sensor Instruction Manual
SIEMENS
SIEMENS EX675LYV1E Induction Hob Installation Guide
SIEMENS
SIEMENS TP505R01 Fully Automatic Coffee Machine User Manual
SIEMENS
SIEMENS ET675FNP1E Ceran Hob Instruction Manual
SIEMENS
SIEMENS TC 863 Series Filter Coffee Machine User Manual
SIEMENS
SIEMENS KG76NAIF0N Bottom Freezer Refrigerator Installation Guide
SIEMENS
SIEMENS PXC4.E16 Automation Stations Instruction Manual
SIEMENS
SIEMENS UP 251 Wall Motion Sensor Instruction Manual
SIEMENS
SIEMENS EX975LXC1E Induction Hob Instruction Manual
SIEMENS

Related Manuals

Breville BMO870 Convection Oven User Manual
Breville
Laurel Mountain Parker 5 Acrylic Rectangular Reversible Drain Drop-In Whirlpool Tub Instruction Manual
Laurel Mountain
MATCH WM00101 MultiLang Rules HarryPotter Instruction Manual
MATCH
HUION GS2201 22 Graphics Drawing Tablet User Manual
Huion
Westfalia 93 78 18 1100 W Submersible Sump Pump Instruction Manual
Westfalia
smanos P70 HD WiFi Camera User Manual
smanos
HARPER TVF-32 Full Motion Wall Mount Instruction Manual
HARPER
mAXPEENINGRODS 7500 lbs Rear Air Suspension Bags Kit Installation Guide
mAXPEENINGRODS
Mercury TD-W8960 Modem Router User Manual
Mercury
Epiroc ST2G Underground Diesel Loader Owner’s Manual
Epiroc
CENTEK CT-1530-36 Grill Instruction Manual
CENTEK
Visualint VI-3100 Outdoor Camera Installation Guide
Visualint
WALI M001 Single Monitor Desk Mount Installation Guide
WALI
teesa TSA3031 Food Dryer Owner’s Manual
teesa
Husqvarna QC330 Battery Charger Instruction Manual
Husqvarna
KOHLER PureWash M250 K-5724 Elongated Manual Bidet Toilet Seat Owner’s Manual
Kohler
JBC AL250 Auto Feed Soldering Iron Instruction Manual
JBC
ARIZE AWD220 Water Detector Installation Guide
ARIZE
WESTON SC87 Indoor Smoker and Slow Cooker Instruction Manual
WESTON
Russound 543VPS2 V-PS-2 GOW Power Supply User Manual
Russound
STIHL HSA 60.0 600mm Beater Hedge Trimmer Instruction Manual
STIHL
SONY STR-DH730 Multi Channel AV Receiver Instruction Manual
Sony
WALI 2655LO Full Motion TV Wall Mount Instruction Manual
WALI
CRAFTMADE UCI-2000-2 Universal Intelligent Control System User Manual
CRAFTMADE
TOTAL CONTROLS Version 2.0 Multi Function Button Box User Guide
TOTAL CONTROLS
SONOFF 4CHR3 4-Gang Wi-Fi Smart Switch Installation Guide
SonOFF
nedis HDMI Converter User Guide
nedis
Dongguan Bile Electronic Technology SK1 Series RGB USB/Bluetooth+2.4G 3-Mode Keyboard Instruction Manual
Dongguan Bile Electronic Technology
TROPHY RIDGE AQ2PCKT Quiver 2-Piece Conversion Kit User Manual
TROPHY RIDGE
GOGOBEST GF750 Electric Bicycle User Manual
GOGOBEST
Contact Us   Privacy Policy   5.532ms