Encrypted email and contact group


  • Hello,

    Does anyone know if it is possible to send an encrypted email to a contact group address?

    I'm still trying to figure out how email encryption works. As I understand it,

    A. Recipient of encrypted mails
    1. Sends out a public key in the form of a digital certificate, which also represents his/her identity as the recipient of encrypted mails.
    2. Keeps the private key.

    B. Sender of encrypted mails
    1. Encrypts the message using the public key in the digital certificate received from A above
    2. Sends the encrypted message to A.

    Now, is it possible for A to be a contact group, instead of an active directory user?

    We are deploying Exchange 2013, and have an AD CS server for issuing certificates within our private network.


    • Edited by Jon Schmid Thursday, December 3, 2015 4:30 PM
    Thursday, December 3, 2015 4:29 PM


  • S/MIME is all based on individual users. The encryption and decryption is done in Outlook. So, I don't think you'll have any luck trying to use a single certificate for a group.

    I believe S/MIME will work if you have public keys for all of the group members. Or, if the public keys are pulbished in AD as part of the certificate issuance process then Outlook will retrieve them from there. This assumes that it is only being used internally.

    Byron Wright (

    Thursday, December 3, 2015 4:58 PM