Encryption operations only require access to a public key (or a number of public keys). This public key information may be held in a named certificate store or externally in disk files. You (the originator) must first obtain (once) a public key for this purpose from each of the intended recipients; this process is called a key request. Each recipient must supply a X.509 or a PKCS #7 format public key file. This can be created by exporting (on the recipient computer) a certificate from the Windows store, or using similar services on Mac, Linux or other platforms. There are no security requirements and the (.CER, P7B or P7C format) file can be sent by email to the originator. The recipient, however, is assumed to only respond with a certificate where access to the private key has been securely retained.
Links