We Introduce the KeyTalk Secure Email Service

Jul 9, 2021 | Jindřich Zechmeister

Our readers certainly do not doubt the need to secure email communication, because no one wants their business emails to be read or falsified. The main obstacle to deploying S/MIME certificates in companies has been the difficulty acquiring and installing the certificate. But it is different now - KeyTalk Secure Email Service can automate everything. With its help, you no longer have to invest your time into the life cycle of personal certificates!

What is the KeyTalk Secure Email Service for?

The KeyTalk product is a CKMS server from a company of the same name. This acronym stands for key management system and, simply put, can manage the entire lifecycle of all your certificates (from issuance and deployment to expiration). Therefore, you do not have to spend long hours managing certificates.

KeyTalk Secure Email Service is a service using this CKMS server, but is specifically focused on obtaining and managing S/MIME certificates in organizations and companies. It focuses on easily obtaining and installing personal certificates for email on users' computers.

With KeyTalk SES, you no longer have to deploy each certificate to a specific computer; it can do everything for you and save your IT staff many hours a year. In the next paragraph, we will look at how to do it.

Let the robot work

With our help, you can configure the service on the KeyTalk server - especially the connection to CA DigiCert, which will issue you trusted certificates. Then you just need to invite future users of S/MIME certificates to generate and download a certificate. This is done by simply clicking on the two links in the two emails. There is nothing more needed on the client's side!

The certificate is downloaded and set using the KeyTalk client on the given PC, which takes care of the communication with the KeyTalk CKMS server. The user will install this small application on their computer and it will take care of all the necessary actions, including setting up the certificate in Outlook or timely renewal of the certificate.

KeyTalk has clients for major PC and smartphone platforms. The user can easily get his certificate to multiple devices used by him. Emails can be signed by virtually any email client and it is not limited to a PC.

You do not want to manage the server? No problem!

As I mentioned in the introduction, the SES service uses the KeyTalk CKMS server and cannot work without it. In practice, this means that you should set up your KeyTalk server in your data centre or cloud and administer it. This is simple because the manufacturer offers a ready-made image of virtual servers for the main platforms, but subsequent maintenance and administration cannot be avoided (KeyTalk CKMS runs on an Ubuntu server).

If you are discouraged by the administration or do not have the capacity to do so, you can also use the hosted variant of the Hosted Secure Email Service (HSES). I can only recommend this because KeyTalk then runs as an SaaS in the cloud maker and you have nothing to worry about. KeyTalk is also responsible for the security of stored data and certificates, for which it uses secure HSM servers.


The KeyTalk Secure Email Service can fully automate the lifecycle of personal S/MIME certificates for email in your company. Now is the right time to secure mail in your company; we will be happy to help you, we have the best tools.

We will be happy to advise you on the deployment of KeyTalk and create a non-binding offer. Just contact us.