S/MIME functionality available in Outlook for iOS TestFlight

Hi @Ross Smith IV, it works now, I can see the S/MIME certificates when enabling S/MIME in Outlook.

Before we tested S/MIME with Outlook, we just tested how to https://docs.microsoft.com/en-us/graph/api/intune-raimportcerts-userpfxcertificate-create?view=graph-rest-beta to Intune and how to publish certificates from Intune to iPhone and Android devices. We therefore created a "Device Configuration Profile" with type "PKCS imported Certificate". But this profile published the certificates to the iOS system keychain.

To publish the certificates to the Microsoft keychain to make them accessible from Outlook, I had to disable this profile and just create the "App configuration Policy" for iOS and enabled S/MIME as follows in this "App configuration Policy":

Enable S/MIME: Yes
Allow user to change setting: No
Deploy S/MIME certificates from Intune: Yes
Signing certificates: Certificate profile type: PKCS imported certificates

Encryption certificates: Certificate profile type: PKCS imported certificates
Notification type: End-user notifications: Company Portal

After I did that, I got a notification in the "Company Portal" on the iPhone with the text "Your organization requires you to set up certificates for email signing and/or encryption before you can use all S/MIME email Features from this device. Set it up now.". After confirming this notification, the following text got displayed on the iPhone: "Within a few minutes, your XXX (YYY) account should be able to send and receive encrypted emails in Outlook".

Now we are able to automatically enroll S/MIME signing/encryption certificates to Windows devices and then publish them automatically to Intune and use them in Outlook. This is great.