A while back, I was asked to move a Digital ID certificate from one Microsoft Office Outlook 2007 installation to another. This isn’t difficult if the digital certificate isn’t configured to prevent exporting. Certificates are exported to a file which can then be imported into another installation of Outlook for the same name and email address. Digital IDs are managed from the Trust Center in Outlook 2007, found at Tools, Trust Center. Select the E-mail Security option in the left pane, as shown in Figure 1. In the middle of the right pane, in the Digital IDs (Certificates) section, click the Get a Digital ID button to open your default browser to a Microsoft page listing digital certificate providers for Outlook. Click the Import/Export button to save your digital ID to a file for use in another workstation. For the equivalent in Microsoft Office Outlook 2003, click Tools, Options and then select the Security tab.
The Import/Export button opens the Import/Export Digital ID dialog box as shown in Figure 2. To export the certificate, click the radio button next to Export your Digital ID to a file in the lower part of the window. You’ll see the Select Certificates box, which lists the certificates available on this installation. Figure 3 shows two certificates, the first of which being the valid one based on expiry date. You can see the certificate details here by clicking the View Certificate button. This opens the Certificate window, as Figure 4 shows. Select the certificate, click OK, and then save the digital ID as a file. Click Browse next to the Filename field and save the certificate in the desired location with either a .pfx or .p12 extension. You can save it to a network share or a USB flash drive if you need to move it to another workstation. Outlook 2007 does an odd misstep here. After naming the certificate file, the interface returns to the import section of the Import/Export Digital ID window. The radio button for the Export part of the interface has to be selected again to add a password for the file, which is mandatory. (Exporting to a file is also a good way to back up your certificates at the client-level.)
To Import the certificate to a new Outlook 2007 installation you’ll follow similar steps. Again, use the Import/Export button in the E-mail Security section of the Trust Center (Figure 1). With the radio button selected next to Import existing Digital ID from a file (Figure 2), browse to the certificate file saved during the export, and click OK. You’ll also need to enter the password created during the export. Click OK to apply the certificate to this destination installation, ready to use.
If you have a certificate that’s centrally managed, or if you have a free certificate provided for personal use on a single workstation, it may be configured to prevent export. Attempts to export a certificate such as this will return an error message stating that The Digital ID cannot be exported. This prevents users from exporting their digital IDs which could then be readily available for misuse.