As an admin, you can configure the settings to enable S/MIME and deploy it on devices through profiles. S/MIME (Secure Multi-Purpose Internet Mail Extensions) is a secure method of sending email. This protocol allows to encrypt emails and digitally sign them, thus allowing the receiver to be certain that the message received is exact and has been sent by a specific sender.

What can you do with the S/MIME settings page?

The path to the settings page on the UEM console is Groups & Settings > All Settings > System > S/MIME.

With the S/MIME settings page, you can:
  • Enable the setting to retain the S/MIME certificates in Workspace ONE UEM for deployment through profiles.
  • Set a retention period for the S/MIME certificate, if you choose to not retain the certificates in Workspace ONE UEM.

Determine your Organization group hierarchy

Before you review and modify the settings, understand the two types of inheritance/override options for the organization group hierarchy available at the top and bottom of the settings page and determine your choice. For more information about these settings, see Override Versus Inherit Setting for Organization Groups.

  • Current Setting – Select whether to Inherit or Override the displayed settings. Inherit means use the settings of the current organization group's parent OG, while Override enables the settings for editing so you can modify the current OG's settings directly.
  • Child Permission – Select the available behavior of child organization groups that exist below the currently selected organization group. Inherit only means child OGs are only allowed to inherit these settings. Override only means they override the settings, and Inherit or Override means you can choose to inherit or override settings in child OGs that exist below the currently selected OG.
Setting Description
Retain S/MIME Certificate You can enable the setting if you want to retain S/MIME certificate in the Workspace ONE UEM for deployment through the profile.

If you do not want to retain the S/MIME certificate in Workspace ONE UEM, deactivate the setting.

Temporary S/MIME Retention Period (hours) This text box appears if you deactivate the Retain S/MIME certificate setting.

You can enter a time (in hours) to retain the S/MIME certificate only for a limited duration. After the retention period, the certificate is deleted.