Signing + encrypting now works. Here is my resolution for dummies and how I completed the pre-req (easier than the procedures suggested here):
I have a hybrid environment with an Azure tenant, but it should work for non-hybrid as well.
From any Windows machine, using the MMC GUI, create the [abcdefg.SST] chain file; this is really easy.
(I did the rest from a Domain Controller where the default browser allows Multi Factor Authentication [enabled for my Tenant admin user])
(Logged in with abcdAdmin@mycompany.onmicrosoft.com + iPhone MS Authenticator)
Windows PowerShell ISE as Admin
commands:
Install-Module -Name ExchangeOnlineManagement   # many would have this already in place
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline   # login -> IE won't necessarily allow it if you have MFA
Set-SmimeConfig -SMIMECertificateIssuingCA (Get-Content abcdefg.sst -Encoding Byte)
(wait 30 min or force a sync)
Now, on iOS Outlook, the certificate has status VALID (before it was UNTRUSTED).
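
The SST file uploaded above decides which issuing CAs the tenant trusts for S/MIME, so it is worth listing its contents before running Set-SmimeConfig. This is an added example, not part of the original post; it assumes Windows PowerShell on the machine where abcdefg.sst was exported, with the file in the current directory.

```powershell
# Added example: inspect an SST chain file before passing it to Set-SmimeConfig.
# '.\abcdefg.sst' is the placeholder file name used in the post above.
$sstPath = (Resolve-Path '.\abcdefg.sst').Path   # .NET needs a full path

$store = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection
$store.Import($sstPath)                          # SST = serialized certificate store

if ($store.Count -eq 0) { throw "No certificates found in $sstPath" }

$now = Get-Date
$report = foreach ($cert in $store) {
    # Basic Constraints tells us whether the certificate is allowed to act as a CA.
    # Old v1 roots may lack the extension and will show IsCA = False; review those by hand.
    $bc = $cert.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension] }
    [pscustomobject]@{
        Subject    = $cert.Subject
        Issuer     = $cert.Issuer
        Thumbprint = $cert.Thumbprint
        NotAfter   = $cert.NotAfter
        IsCA       = [bool]($bc -and $bc.CertificateAuthority)
        SelfSigned = ($cert.Subject -eq $cert.Issuer)
        Expired    = ($cert.NotAfter -lt $now)
        HasPrivKey = $cert.HasPrivateKey
    }
}
$report | Format-Table -AutoSize

# Flag anything that should not be in a trust list: end-entity certificates,
# expired CAs, or entries that reference a private key.
$problems = $report | Where-Object { -not $_.IsCA -or $_.Expired -or $_.HasPrivKey }
if ($problems) {
    Write-Warning "Review these entries before uploading:"
    $problems | Format-List Subject, Thumbprint, IsCA, Expired, HasPrivKey
} else {
    Write-Host "All $($store.Count) entries are unexpired CA certificates."
}
```

Compare the listed thumbprints with the root and intermediate CAs you intended to export; anything extra in the file becomes trusted for S/MIME once it is uploaded.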