---+ ODS Webmail Example for Encrypting Emails using Asymmetric Key Technology

Assume the following scenario, in which John sends an encrypted email message to Kate:

---++Prerequisites

   1 Perform the steps from the [[OdsMailInstallGuide][Virtuoso ODS-Mail Installation Guide]].
      * In our example we will use the domain name mytest.com.
   1 Install the ODS Addressbook vad package: [[https://virtuoso.openlinksw.com/download/][ods_addressbook_dav.vad]]

---++Configure ODS User and Webmail settings

   1 Register two users in ODS, John and Kate, with emails such as john@yahoo.com and kate@yahoo.com respectively.
   1 John and Kate create ODS Webmail instances:
      1 Go to Application Settings -> Application Management and click the "New Web Application" button.
      1 Click "Create Application" for application type "Mail".
      1 In the presented form choose domain "mytest.com".
      1 Click "Create and Launch Application".
   1 John [[ODSGenerateX509Certificate][creates X.509 Certificate]] with mail john@mytest.com.
   1 Kate [[ODSGenerateX509Certificate][creates X.509 Certificate]] with mail kate@mytest.com.
   1 John exports his X.509 Certificate, for example to a local file named john.p12.
   1 Kate exports her X.509 Certificate, for example to a local file named kate.p12.
   1 Kate extracts her Public Key and shares it with John. The file produced is her certificate, which carries the public key; the -nokeys option keeps her private key out of the output:
<verbatim>
$ openssl pkcs12 -in kate.p12 -out KatePublicKey.pem -clcerts -nokeys
Enter Import Password:*******
MAC verified OK
</verbatim>
      * Suppose the generated Public Key KatePublicKey.pem has the following content:
<verbatim>
Bag Attributes
    friendlyName: kate's OpenLink Software, Inc. ID #2
    localKeyID: 86 14 1A E2 08 CD 05 DC 37 37 04 ED A3 A9 7A 2E AF 7C 3D F2
subject=/CN=kate/C=US/O=OL/emailAddress=kate@mytest.com
issuer=/C=US/ST=MA/O=OpenLink Software, Inc./OU=Virtuoso/CN=Root CA/emailAddress=ods@openlinksw.com
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</verbatim>
   1 John creates an ODS AddressBook instance from "Application Settings -> Application Management", or by clicking "AddressBook" in the left vertical navigation.
   1 John adds a new AddressBook contact with name "Kate":
      1 In the AddressBook UI, click "New contact".
      1 In the presented "Main" tab enter "name": Kate
      1 Go to the "Contact" tab and enter "Mail": kate@mytest.com
      1 Go to the "X.509 Certificate" tab and enter the content of Kate's Public Key file from above, KatePublicKey.pem.
   1 John and Kate each set a Private Key in their ODS Profile:
      1 Go to Profile -> Edit -> Security -> Certificate & Private Key.
      1 Click "Import key from local file" and select the certificate file: john.p12 for John, kate.p12 for Kate.
      1 Enter a "Key Name", for example JohnKey for John and KateKey for Kate, and provide the certificate password.
      1 Click "Import Key".
      1 As a result, the imported certificate should be displayed in the Certificate & Private Key list for both John and Kate.
   1 John configures his Webmail Settings:
      1 Go to Webmail instance -> Preferences and set:
         1 For "Encryption (with certificate)": select the "JohnKey" key.
         1 Select "Required (can't send message unless all recipients have certificates)".
      1 Finally click "Save" to apply the changes.
   1 Kate goes to her Webmail instance -> Preferences and sets:
      1 For "Encryption (with certificate)": select the "KateKey" key.
      1 Finally click "Save" to apply the changes.
   1 John sends an encrypted email message to Kate:
      1 John goes to his Webmail instance -> Write Message.
      1 In the "To" field, John clicks the "Select" button or manually enters Kate's email, kate@mytest.com.
      1 John enters a "Subject", for example "This is encrypted msg", and a "Message": "Simple test".
      1 John clicks "send message"; a message confirming that the email was sent successfully should be shown.
   1 Kate receives the encrypted message from John:
      1 Kate goes to her Webmail instance -> Inbox, where the new message from John should be displayed.

---++Related

   * [[OdsMail][ODS-Mail]]
   * [[ODSMailEncryptASymmetricSpecial][ODS Webmail Example for Encrypting Emails using special search by domain]]
   * [[ODSMailEncrypt][ODS Webmail Guide for Optionally Encrypting Emails]]
   * [[ODSMailSendDigitallySignedMsg][ODS Guide for Sending Digitally Signed Messages]]
   * [[ODSMailWebIDSMIME][ODS-Mail Evaluate SMIME + WebID Support Guide]]
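
In the step where Kate extracts KatePublicKey.pem from kate.p12, the resulting file is what John later trusts for encryption, so it is worth vetting before it is shared or pasted into the AddressBook contact. The shell functions below are an added example, not part of the ODS documentation: the function names are hypothetical, and the throwaway identity (password "test") is constructed to stand in for kate.p12.

```shell
#!/bin/sh
# Added example (hypothetical helper names): checks on the PEM file made by
#   openssl pkcs12 -in kate.p12 -out KatePublicKey.pem -clcerts -nokeys
# before it is shared or pasted into an AddressBook contact.

# Succeeds if FILE holds any private-key block (plain or encrypted).
pem_has_private_key() {
    grep -Eq -- '-----BEGIN ([A-Z]+ )*PRIVATE KEY-----' "$1"
}

# Prints the e-mail address(es) named in the certificate, one per line.
cert_email() { openssl x509 -in "$1" -noout -email; }

# Prints the SHA-256 fingerprint, for comparison with the owner out of band.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# check_shared_cert FILE EXPECTED_EMAIL: 0 only if FILE is fit to share/import.
check_shared_cert() {
    if pem_has_private_key "$1"; then
        echo "REFUSE: $1 contains a private key" >&2; return 1
    fi
    if ! openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1; then
        echo "REFUSE: $1 is unreadable or expired" >&2; return 2
    fi
    if ! cert_email "$1" | grep -Fxiq -- "$2"; then
        echo "REFUSE: $1 does not name $2" >&2; return 3
    fi
    echo "OK $2 SHA256=$(cert_fingerprint "$1")"
}

# Constructed throwaway identity standing in for kate.p12 (password "test").
make_demo_p12() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -keyout "$1/k.pem" \
        -out "$1/c.pem" -subj "/CN=kate/emailAddress=kate@mytest.com" \
        2>/dev/null &&
    openssl pkcs12 -export -inkey "$1/k.pem" -in "$1/c.pem" \
        -out "$1/kate.p12" -passout pass:test
}

# Demo: extract as on the page, then vet the result.
d=$(mktemp -d) && make_demo_p12 "$d" &&
openssl pkcs12 -in "$d/kate.p12" -out "$d/KatePublicKey.pem" \
    -clcerts -nokeys -passin pass:test 2>/dev/null &&
check_shared_cert "$d/KatePublicKey.pem" kate@mytest.com
rm -rf "$d"
```

The printed SHA-256 fingerprint is the value John and Kate would compare over a separate channel before John enters the file in the contact's "X.509 Certificate" tab.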