• Install Identity Manager
• Available process to trigger emails to be sent
• If signed email shall be used, Sign and encrypt engine must be configured. For more information, see Sign and encrypt engine in Identity Manager.

Log in to Identity Manager Admin as an admin user.

To add or edit an email template:

1. Go to Home > Emails.
   
2. To add a new email template, click +New. Enter details:
   1. Enter a Name, for example EmailNewPassword, and optionally a Description.
   2. Enter an email address in the To field.
      
   3. Click Save+Edit.
      
3. To edit an existing email template, double-click the email template name.

To enable S/MIME encryption, the following applies:

• The process map requires a variable Certificate_CoreObjectDescriptorList containing a List<CoreObjectDescriptor> of CoreObjectDescriptors, pointing to Certificate CoreObjects. For more information, see Set up search configuration in Identity Manager. 

• The related certificate entities must be included as ASN.1 DER-encoded X509 certificates in the data column. Certificates created by Smart ID Identity Manager are by default encoded in ASN.1 DER format, automatically stored in the correct format as required here. PEM format is not supported. 

Do the following:

1. In the fields CC, and BCC, enter one or more recipients, for example ${BaseDpEmployee_Email} from the Employee datapool.

   For each recipient email provided in the To, CC, or BCC lists of the MailConfiguration, a S/MIME certificate must be provided which contains the email address(es) in the SAN RFC822 Name field. If there is an email address with no fitting S/MIME certificate, the mail task stops with an exception message.

2. Enter a Subject.
3. Select S/MIME Encryption if the email is to be encrypted.

4. Select Sign Email if the email is to be signed by the server.

For more information, see Secure email communication using S/MIME in Smart ID.

If you shall use signed emails, you must replace the email signing certificate, emailSignCert. This is done in the file engineSignEncryptConfig.xml. For more information, see Sign and encrypt engine in Identity Manager.

1. Open the file engineSignEncryptConfig.xml for editing.

2. Replace the email signing certificate file, emailSigning.p12, with the correct certificate file.
   

   Example: Snippet of engineSignEncryptConfig.xml

   ....
     <key name="emailSigningCert">
               <type name="pkcs12" locationValue="classpath:emailSigning.p12" 
   ....

By default, the email signing certificate is always validated before sending an email, so that the revocation of the certificate is taken into account as soon as possible. In some cases this is not desired, as it creates some amount of network traffic.

To turn off the certificate validation, do the following:

• For WAR file deployment, add this to system.properties:
  

  Turn off certificate validation

  emailSigner.validateSignatureCertificate=false

• For docker deployment, edit the configuration file docker-compose.yml:
  

  Turn off certificate validation

  - 'SYSTEM_PROPERTIES={
            ...
            "emailSigner.validateSignatureCertificate": false
          }'

The html-formatted message is shown, when the mail server of the recipient supports html.

To enter an email message in HTML format:

1. Go to the Html tab.
2. Write an html-formatted email message in the text field. To insert a variable, for example BaseDpEmployee_FirstName, select the corresponding data pool in the left field and drag-and-drop the variable into the text field.

The plain text message is a fallback solution for when the mail server of the recipient does not support html.

To enter an email message in plain text:

1. Go to the Text tab.
2. Write an email message in the text field. To insert a variable, for example BaseDpEmployee_FirstName, select the corresponding data pool in the left field and drag-and-drop the variable into the text field.

The contents to attach to an email must be in binary form in a data pool. Typical examples of binary data are photos and signatures.

To add an attachment:

1. Go to the Attachments tab.
2. Navigate to the data pool and field in the list on the left, and drag-and-drop it to the table in the Attachments tab.
3. If you want, edit MIME type, to attach the file in a different format.
4. If you want, edit the Name of the attachment.
5. Click Save.
   

To edit the SMTP settings:

1. In the Test area field, click on the Expand symbol on the top. On the SMTP Settings tab, the settings are shown.
2. To edit the settings, click on the SMTP Settings button.

3. Enter the SMTP server settings. Click OK to save.

   Example: SMTP settings

   Host: localhost
   Port: 25
   User:
   Password:
   Default sender: activiti@localhost
   Timeout: 5000
   Connection security: NONE
   Check server identity: false

4. Go to the Preview tab to view all variable expressions.
5. If you want, Send test mail to the Test Recipient entered in the SMTP Settings.

You can use four different functions for formatting date fields in an email template. 

To format date fields in an email template, do the following: 

1. In the Test area field, select the Date Formatting tab to view examples and details.
2. Enter the date function in the Text or Html tab. 

Conversion examples