I would like to implement S/MIME in a pure Office 365 environment, i.e. without a local server. How can I link the certificates to Azure AD users?
Thanks for your answers.
Follow the steps for Scenario #1 here: https://techcommunity.microsoft.com/t5/exchange-team-blog/how-to-configure-s-mime-in-office-365/ba-p/584516
Create a .SST file for the Trusted Root CA / Intermediate CA of the certificate issued to the users: You can use either Certificate MMC or PowerShell cmdlets to export the SST file.
Select Microsoft Serialized Certificate Store(.SST) > Click Next and save the SST file.
Upload the .SST to the Office 365 server using PowerShell. It could look like this: $sst = Get-Content TenantRoot.sst -Encoding Byte
Publish the user’s certificate to the Exchange Online GAL (Global Address List) using Outlook, in the Security Settings of the Trust Center.
Type Get-Mailbox <user> | FL or FT user in PowerShell to confirm the certificate is published in AAD (Azure Active Directory).
The end-user will find the certificate in certificates > personal store.
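
The export, upload and verification steps above as one script. This is an added example, not part of the original answer or of the linked Microsoft article. The thumbprints, file path and account names are placeholders, and it assumes the ExchangeOnlineManagement module is installed and the CA certificates are present in the local machine certificate store.

```powershell
# Added example; every value in this first section is a placeholder.
$CaThumbprints = @(
    '<ROOT-CA-THUMBPRINT>',         # placeholder: root CA of the users' certificates
    '<INTERMEDIATE-CA-THUMBPRINT>'  # placeholder: intermediate CA
)
$SstPath = Join-Path $PWD 'TenantRoot.sst'
$Admin   = 'admin@example.com'      # placeholder admin account
$User    = 'user@example.com'       # placeholder mailbox to check

# 1. Pick only the CAs that issued the users' certificates, by thumbprint,
#    so the tenant does not end up trusting the whole local root store.
$caCerts = @(Get-ChildItem Cert:\LocalMachine\Root, Cert:\LocalMachine\CA |
    Where-Object { $CaThumbprints -contains $_.Thumbprint } |
    Sort-Object Thumbprint -Unique)
if ($caCerts.Count -ne $CaThumbprints.Count) {
    throw "Expected $($CaThumbprints.Count) CA certificates, found $($caCerts.Count)."
}
$expired = @($caCerts | Where-Object { $_.NotAfter -lt (Get-Date) })
if ($expired.Count -gt 0) {
    throw "Expired CA certificate(s): $($expired.Subject -join '; ')"
}
$caCerts | Export-Certificate -Type SST -FilePath $SstPath | Out-Null

# 2. Upload the SST to Exchange Online. ReadAllBytes is used because
#    'Get-Content -Encoding Byte' only works in Windows PowerShell 5.1.
Connect-ExchangeOnline -UserPrincipalName $Admin
$sst = [System.IO.File]::ReadAllBytes($SstPath)
Set-SmimeConfig -SMIMECertificateIssuingCA $sst

# 3. Confirm the tenant holds the CA store and the user's certificate is published.
if (-not (Get-SmimeConfig).SMIMECertificateIssuingCA) {
    throw 'SMIMECertificateIssuingCA is empty after upload.'
}
Get-Mailbox -Identity $User | Format-List UserCertificate, UserSMimeCertificate
```

The last command shows empty values until the user has published the certificate to the GAL from Outlook.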