Email Security, S/MIME Certificates

Sign and encrypt every email. Prove it came from you.

S/MIME certificates let you digitally sign outgoing emails, giving recipients cryptographic proof that every message is genuinely from you and hasn’t been tampered with in transit, and encrypt content so only the intended recipient can read it. Four validation levels cover every use case, from personal privacy to executive-level trust.

Find your certificate Talk to an expert

S/MIME Certificates at a glance

Basic S/MIME

For personal privacy

Digitally sign and encrypt email for a single address. No identifying information beyond your email address. Ideal for personal communications requiring privacy and integrity.

? Email address validation
? Digital signing
? Email encryption
? No additional info required

Buy Basic

IV S/MIME

For verified professionals

Validates your first and last name in the digital signature. Builds professional credibility for client-facing communications. Ideal for lawyers, accountants, engineers, doctors, and notaries.

? Individual name validation
? Digital signing
? Email encryption
? Verified professional identity

Buy IV

OV S/MIME

For organizations

Validates your organization’s name. Prevents CEO identity fraud and corporate impersonation. Ideal for functional addresses: support@, billing@, admin@.

? Organization name validation
? Digital signing
? Email encryption
? Anti-fraud for org addresses

Buy OV

Sponsor S/MIME (IV + OV)

For executives & key personnel

Validates both individual and organizational identity. Maximum trust for executive communications. The strongest defense against sophisticated impersonation attacks.

✓ Individual + organization validation
✓ Digital signing
✓ Email encryption
✓ Prevents internal & external tampering

Buy Sponsor

How S/MIME certificates stop email spoofing and BEC attacks

Email was not designed with authentication in mind. Without S/MIME, there is no cryptographic way for a recipient to know that an email actually came from the person or organization it claims to be from, hasn’t been modified since it was sent, or contains content that only the intended recipient can read.

S/MIME solves all three. It adds a tamper-evident digital signature to every outgoing message and optionally encrypts the content: all using a certificate issued and validated by SSL.com, a trusted, WebTrust-audited Certificate Authority.

Compare S/MIME Certificates

FeatureBasic S/MIMEIV S/MIMEOV S/MIMESponsor S/MIME
What is validatedEmail address onlyIndividual’s nameOrganization nameIndividual + organization
Best forPersonal email privacyProfessionalsOrganizations: functional addressesExecutives, key personnel
Digital signing
Email encryption
Individual name in signature
Organization name in signature
Prevents CEO/executive impersonation✗ No⚠ Partial⚠ Partial✓ Yes: strongest defense
Prevents corporate address impersonation✗ No✗ No✓ Yes✓ Yes
Trust level★ Entry★★ Professional★★ Corporate★★★ Maximum
CA/B Forum S/MIME BR compliant
Get startedBuy BasicBuy IVBuy OVBuy Sponsor

Find your S/MIME certificate in two questions

Question 1 of 2

Still not sure? Consider what identity you need to prove: your email address only (Basic), yourself as an individual (IV), your organization (OV), or both (Sponsor). Our team can advise. Contact us

Common scenarios: which certificate applies?

ScenarioRecommended certificate
Individual encrypting personal email for privacyBasic S/MIME →
Solicitor signing client engagement lettersIV S/MIME →
Doctor signing patient communicationsIV S/MIME →
Company’s support@ or billing@ addressOV S/MIME →
HR department signing employment contractsOV S/MIME →
CEO or CFO signing board-level communicationsSponsor S/MIME →
Sales director sending proposals with company backingSponsor S/MIME →
Regulated industry employee (finance, healthcare, legal)Sponsor S/MIME → or IV depending on context
Automated system emails (no-reply@, notifications@)OV S/MIME →

What every S/MIME certificate requires

Valid email address

The certificate is bound to a specific email address. Each address requires its own certificate.

Identity documentation

IV and above require government-issued ID for individual validation. OV and above require business registration documentation. Sponsor requires both.

Email client compatibility

S/MIME is supported natively by Outlook, Apple Mail, Thunderbird, and most enterprise email clients. Gmail supports S/MIME on Google Workspace (Business/Enterprise plans).

CA/B Forum S/MIME BR compliance

All SSL.com S/MIME certificates are issued under the CA/Browser Forum S/MIME Baseline Requirements: the industry standard for S/MIME issuance.

WebTrust-audited S/MIME certificates from an accredited CA

WebTrust for S/MIME BR (BDO)

Audited annually by BDO: SSL.com is a WebTrust-certified CA for S/MIME Baseline Requirements

CA/B Forum S/MIME BR compliance

All certificates issued under the CA/B Forum S/MIME Baseline Requirements: the global standard

Enterprise-grade PKI

Backed by SSL.com’s world-class PKI infrastructure in continuous operation since 2002: audited annually by BDO under WebTrust for S/MIME Baseline Requirements.

Full-service support

From certificate selection to installation guidance and renewals: SSL.com supports the full lifecycle

API & automation

S/MIME certificates available via the SSL.com SWS API for enterprise bulk issuance and automation

Compare S/MIME certificate validation levels

All S/MIME certificates from SSL.com include email signing and encryption. Validation level determines what identity is verified and embedded in the certificate.

Feature Basic S/MIME IV S/MIME OV S/MIME Sponsor S/MIME
Email signing????
Email encryption????
Personal identity verified??
Organization identity verified??
Name in certificateEmail onlyLegal nameOrganization nameName + org
Issuance timeMinutes1–3 days1–3 days1–5 days
Best forPersonal email, low-risk commsProfessionals, consultantsEnterprise, B2B, compliancePartners, executives, BEC prevention

Frequently asked questions

An S/MIME (Secure/Multipurpose Internet Mail Extensions) certificate enables two things: digital signing of emails, which proves the message came from you and was not altered in transit; and encryption of emails, which ensures only the intended recipient can read the content. S/MIME is supported natively by Apple Mail, Microsoft Outlook, Thunderbird, and most enterprise email clients.
S/MIME digital signatures cryptographically bind your verified identity to every outgoing message. A recipient with an S/MIME-aware email client can verify the signature: confirming the message came from the certificate holder's verified identity and was not modified after signing. Attackers cannot reproduce a valid signature without the private key, making spoofed emails immediately detectable by any client that checks the signature.
Individual Validation (IV) S/MIME verifies your personal identity: your legal name against government-issued ID. Organization Validation (OV) S/MIME verifies your organization's legal identity, embedding the company name in the certificate. Sponsor S/MIME combines both: verifying the individual and the organization they represent in a single credential, appropriate for professionals signing on behalf of their employer.
Gmail supports S/MIME for signing and encryption in Google Workspace (enterprise) accounts but not personal Gmail accounts. S/MIME signatures sent from any client are visible in Gmail's web interface and mobile app, showing verified sender identity. Full encryption requires both sender and recipient to have S/MIME certificates and to have exchanged public keys.
Yes: Sponsor S/MIME certificates can be issued to all staff through SSL.com's Managed PKI service, with automated provisioning via LDAP/Active Directory integration or the SWS API. Central deployment ensures consistent S/MIME signing across the organization without requiring each employee to manually manage their certificate.

Ready to sign and encrypt your email?

Choose your validation level and get started today. Not sure which certificate fits your situation? Our team will advise: at no cost.
Talk to an expert

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.

Take Survey
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

For more information read our Cookie and privacy statement.

3rd Party Cookies

This website uses Google Analytics & Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Show details
Powered by  GDPR Cookie Compliance