WebClient supports personal SSL certificates. It allows you to send and receive encrypted messages.
Encrypted messages can be sent only when both sides (sender and receiver) have exchanged the public part of the keys. Otherwise, you will receive the error message (below).
At first, you need to supply your certificate to your account. WebClient will then use your certificate to encrypt the mail.
1.1 Get a certificate
You can purchase a certificate online or get it for free at Actalis, for example.
1.2 Add a certificate to the WebClient
Navigate to Settings through your Avatar (top right corner) icon and hit the "Upload" button.
Upload the certificate by entering the passphrase you have received during the registration of your certificate.
Once you've added the certificate successfully, you should identify its validity when you double-click on it.
2.1 Adding the public part to contact in WebClient
For adding the public part of the key to contact navigate to WebClient - Contacts and find or create a contact for which you want to add the key. On the Certificate tab, import the certificate using the upload button.
2.2 Creation of public part certificate from .pfx format
If you didn't receive the public part of the certificate, you need to create it from the pfx file using OpenSSL. Example of getting public part of the certificate here.
3.1 Send an encrypted message
In Settings - Mail - Mail compose, you can force to sending only encrypted messages.
3.2 Send on-demand
4.1 Expired certificate
Once the certificate expires, upload a new one and make sure that you'll keep the expired one in the WebClient. By removing the expired certificate, you would lose access to previously signed messages!
4.2 Receiving side doesn't have your public key, or you don't have his public part