Before you start with these instructions, please make sure that you have installed the certificate in the Windows certificate store.
See the following FAQ article: Installing a certificate in the Windows certificate store
Open the Outlook client.
Then go to "File" and afterwards to "Options" in the top menu.
Now click on "Trust Center" and then on "Trust Center Settings".
Choose then Email Security on the left handed menuebar.
Check the boxes "Encrypt contents and attachments for outgoing messages", "Add digital signature to outgoing messages" and "Send clear text signed message when sending signed messages". You can adjust these settings as required when composing a message. Now click on "Settings".
Now enter the following text in ‘Name of security setting:’:
‘My S/MIME settings (firstname.surname@[mailbox.]tu-dresden.de)’
Select the following two ckeck boxes, if you set up your personal email address
‘Default settings for this cryptographic message format’,
‘Default security setting for all cryptographic messages’
Then Choose the actual certificate with the "Choose"-Button within the area for "Signing Certificate".
Outlook uses the hash algorithm "SHA1" by default. Change this value to at least "SHA256". The encryption algorithm must be "AES (256-bit)".
Repeat this for within the area of "Encryption Certificate". The encryption algorithm must be "AES (256-bit)".
After all click on "OK" and dialogue before also with "OK"
If you now write a new e-mail, it will be signed and encrypted by default. If the recipient does not have a certificate, you can deactivate the "Encrypt" and/or "Sign" settings under "Options" by clicking on the respective buttons and send the e-mail unencrypted.