diff --git a/app/src/main/java/eu/faircode/email/ActivitySetup.java b/app/src/main/java/eu/faircode/email/ActivitySetup.java
index ef6423ea20..c1c841261f 100644
--- a/app/src/main/java/eu/faircode/email/ActivitySetup.java
+++ b/app/src/main/java/eu/faircode/email/ActivitySetup.java
@@ -74,12 +74,16 @@ import com.microsoft.identity.client.IPublicClientApplication;
 import com.microsoft.identity.client.PublicClientApplication;
 import com.microsoft.identity.client.exception.MsalException;
 
+import org.bouncycastle.asn1.x509.GeneralName;
+import org.bouncycastle.util.io.pem.PemObject;
+import org.bouncycastle.util.io.pem.PemReader;
 import org.json.JSONArray;
 import org.json.JSONException;
 import org.json.JSONObject;
 
 import java.io.BufferedInputStream;
 import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
@@ -88,9 +92,13 @@ import java.net.HttpURLConnection;
 import java.net.URL;
 import java.nio.charset.StandardCharsets;
 import java.security.SecureRandom;
+import java.security.cert.CertificateFactory;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
 import java.security.spec.KeySpec;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
+import java.util.Collection;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
@@ -106,6 +114,7 @@ import javax.crypto.SecretKey;
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.PBEKeySpec;
+import javax.security.auth.x500.X500Principal;
 
 public class ActivitySetup extends ActivityBase implements FragmentManager.OnBackStackChangedListener {
     private View view;
@@ -127,6 +136,7 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
     static final int REQUEST_IMPORT_OAUTH = 5;
     static final int REQUEST_CHOOSE_ACCOUNT = 6;
     static final int REQUEST_DONE = 7;
+    static final int REQUEST_IMPORT_CERTIFICATE = 7;
 
     static final String ACTION_QUICK_GMAIL = BuildConfig.APPLICATION_ID + ".ACTION_QUICK_GMAIL";
     static final String ACTION_QUICK_OUTLOOK = BuildConfig.APPLICATION_ID + ".ACTION_QUICK_OUTLOOK";
@@ -135,7 +145,9 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
     static final String ACTION_VIEW_IDENTITIES = BuildConfig.APPLICATION_ID + ".ACTION_VIEW_IDENTITIES";
     static final String ACTION_EDIT_ACCOUNT = BuildConfig.APPLICATION_ID + ".EDIT_ACCOUNT";
     static final String ACTION_EDIT_IDENTITY = BuildConfig.APPLICATION_ID + ".EDIT_IDENTITY";
-    static final String ACTION_MANAGE_LOCAL_CONTACTS = BuildConfig.APPLICATION_ID + ".LOCAL_CONTACTS";
+    static final String ACTION_MANAGE_LOCAL_CONTACTS = BuildConfig.APPLICATION_ID + ".MANAGE_LOCAL_CONTACTS";
+    static final String ACTION_MANAGE_CERTIFICATES = BuildConfig.APPLICATION_ID + ".MANAGE_CERTIFICATES";
+    static final String ACTION_IMPORT_CERTIFICATE = BuildConfig.APPLICATION_ID + ".IMPORT_CERTIFICATE";
 
     @Override
     protected void onCreate(Bundle savedInstanceState) {
@@ -303,6 +315,8 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
         iff.addAction(ACTION_EDIT_ACCOUNT);
         iff.addAction(ACTION_EDIT_IDENTITY);
         iff.addAction(ACTION_MANAGE_LOCAL_CONTACTS);
+        iff.addAction(ACTION_MANAGE_CERTIFICATES);
+        iff.addAction(ACTION_IMPORT_CERTIFICATE);
         lbm.registerReceiver(receiver, iff);
     }
 
@@ -366,6 +380,10 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
                 case REQUEST_IMPORT_OAUTH:
                     ServiceSynchronize.reload(this, "oauth");
                     break;
+                case REQUEST_IMPORT_CERTIFICATE:
+                    if (resultCode == RESULT_OK && data != null)
+                        handleImportCertificate(data);
+                    break;
             }
         } catch (Throwable ex) {
             Log.e(ex);
@@ -989,6 +1007,63 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
         }.execute(this, args, "setup:import");
     }
 
+    private void handleImportCertificate(Intent data) {
+        Uri uri = data.getData();
+        if (uri != null) {
+            Bundle args = new Bundle();
+            args.putParcelable("uri", uri);
+
+            new SimpleTask<Void>() {
+                @Override
+                protected Void onExecute(Context context, Bundle args) throws Throwable {
+                    Uri uri = args.getParcelable("uri");
+
+                    PemObject pem;
+                    try (InputStream is = context.getContentResolver().openInputStream(uri)) {
+                        pem = new PemReader(new InputStreamReader(is)).readPemObject();
+                    }
+
+                    ByteArrayInputStream bis = new ByteArrayInputStream(pem.getContent());
+                    CertificateFactory fact = CertificateFactory.getInstance("X.509");
+                    X509Certificate cert = (X509Certificate) fact.generateCertificate(bis);
+
+                    String email = "?";
+                    try {
+                        Collection<List<?>> altNames = cert.getSubjectAlternativeNames();
+                        if (altNames != null)
+                            for (List altName : altNames)
+                                if (altName.get(0).equals(GeneralName.rfc822Name))
+                                    email = (String) altName.get(1);
+                                else
+                                    Log.i("Alt type=" + altName.get(0) + " data=" + altName.get(1));
+                    } catch (CertificateParsingException ex) {
+                        Log.w(ex);
+                    }
+
+                    String fingerprint = Helper.sha256(cert.getEncoded());
+
+                    DB db = DB.getInstance(context);
+                    EntityCertificate record = db.certificate().getCertificate(fingerprint, email);
+                    if (record == null) {
+                        record = new EntityCertificate();
+                        record.fingerprint = Helper.sha256(cert.getEncoded());
+                        record.email = email;
+                        record.subject = cert.getSubjectX500Principal().getName(X500Principal.RFC2253);
+                        record.setEncoded(cert.getEncoded());
+                        record.id = db.certificate().insertCertificate(record);
+                    }
+
+                    return null;
+                }
+
+                @Override
+                protected void onException(Bundle args, Throwable ex) {
+                    Helper.unexpectedError(getSupportFragmentManager(), ex);
+                }
+            }.execute(this, args, "setup:cert");
+        }
+    }
+
     @RequiresApi(api = Build.VERSION_CODES.O)
     private JSONObject channelToJSON(NotificationChannel channel) throws JSONException {
         JSONObject jchannel = new JSONObject();
@@ -1302,6 +1377,23 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
         fragmentTransaction.commit();
     }
 
+    private void onManageCertificates(Intent intent) {
+        FragmentTransaction fragmentTransaction = getSupportFragmentManager().beginTransaction();
+        fragmentTransaction.replace(R.id.content_frame, new FragmentCertificates()).addToBackStack("certificates");
+        fragmentTransaction.commit();
+    }
+
+    private void onImportCertificate(Intent intent) {
+        Intent open = new Intent(Intent.ACTION_OPEN_DOCUMENT);
+        open.addCategory(Intent.CATEGORY_OPENABLE);
+        open.setType("*/*");
+        Helper.openAdvanced(open);
+        if (open.resolveActivity(getPackageManager()) == null)
+            ToastEx.makeText(this, R.string.title_no_saf, Toast.LENGTH_LONG).show();
+        else
+            startActivityForResult(Helper.getChooser(this, open), REQUEST_IMPORT_CERTIFICATE);
+    }
+
     private static Intent getIntentExport() {
         Intent intent = new Intent(Intent.ACTION_CREATE_DOCUMENT);
         intent.addCategory(Intent.CATEGORY_OPENABLE);
@@ -1397,6 +1489,10 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
                     onEditIdentity(intent);
                 else if (ACTION_MANAGE_LOCAL_CONTACTS.equals(action))
                     onManageLocalContacts(intent);
+                else if (ACTION_MANAGE_CERTIFICATES.equals(action))
+                    onManageCertificates(intent);
+                else if (ACTION_IMPORT_CERTIFICATE.equals(action))
+                    onImportCertificate(intent);
             }
         }
     };
diff --git a/app/src/main/java/eu/faircode/email/AdapterCertificate.java b/app/src/main/java/eu/faircode/email/AdapterCertificate.java
index 8304d41efb..03365b5320 100644
--- a/app/src/main/java/eu/faircode/email/AdapterCertificate.java
+++ b/app/src/main/java/eu/faircode/email/AdapterCertificate.java
@@ -23,11 +23,14 @@ import android.content.Context;
 import android.graphics.Typeface;
 import android.os.Bundle;
 import android.view.LayoutInflater;
+import android.view.Menu;
+import android.view.MenuItem;
 import android.view.View;
 import android.view.ViewGroup;
 import android.widget.TextView;
 
 import androidx.annotation.NonNull;
+import androidx.appcompat.widget.PopupMenu;
 import androidx.fragment.app.Fragment;
 import androidx.lifecycle.LifecycleOwner;
 import androidx.recyclerview.widget.DiffUtil;
@@ -52,6 +55,8 @@ public class AdapterCertificate extends RecyclerView.Adapter<AdapterCertificate.
         private TextView tvEmail;
         private TextView tvSubject;
 
+        private TwoStateOwner powner = new TwoStateOwner(owner, "CertificatePopup");
+
         ViewHolder(View itemView) {
             super(itemView);
 
@@ -76,38 +81,65 @@ public class AdapterCertificate extends RecyclerView.Adapter<AdapterCertificate.
             if (pos == RecyclerView.NO_POSITION)
                 return false;
 
-            EntityCertificate certificate = items.get(pos);
+            final EntityCertificate certificate = items.get(pos);
 
-            Bundle args = new Bundle();
-            args.putLong("id", certificate.id);
+            PopupMenuLifecycle popupMenu = new PopupMenuLifecycle(context, powner, view);
 
-            new SimpleTask<Void>() {
+            popupMenu.getMenu().add(Menu.NONE, 0, 0, certificate.email).setEnabled(false);
+
+            popupMenu.getMenu().add(Menu.NONE, R.string.title_delete, 1, R.string.title_delete);
+
+            popupMenu.setOnMenuItemClickListener(new PopupMenu.OnMenuItemClickListener() {
                 @Override
-                protected Void onExecute(Context context, Bundle args) throws Throwable {
-                    long id = args.getLong("id");
+                public boolean onMenuItemClick(MenuItem item) {
+                    switch (item.getItemId()) {
+                        case R.string.title_delete:
+                            onActionDelete();
+                            return true;
 
-                    DB db = DB.getInstance(context);
-                    db.certificate().deleteCertificate(id);
-
-                    return null;
+                        default:
+                            return false;
+                    }
                 }
 
-                @Override
-                protected void onException(Bundle args, Throwable ex) {
-                    // TODO: report error
+                private void onActionDelete() {
+                    Bundle args = new Bundle();
+                    args.putLong("id", certificate.id);
+
+                    new SimpleTask<Void>() {
+                        @Override
+                        protected Void onExecute(Context context, Bundle args) throws Throwable {
+                            long id = args.getLong("id");
+
+                            DB db = DB.getInstance(context);
+                            db.certificate().deleteCertificate(id);
+
+                            return null;
+                        }
+
+                        @Override
+                        protected void onException(Bundle args, Throwable ex) {
+                            // TODO: report error
+                        }
+                    }.execute(context, owner, args, "certificate:delete");
                 }
-            }.execute(context, owner, args, "certificate:delete");
+            });
+
+            popupMenu.show();
 
             return true;
         }
 
         private void wire() {
-            view.setOnClickListener(this);
+            if (intf != null)
+                view.setOnClickListener(this);
             view.setOnLongClickListener(this);
         }
 
         private void unwire() {
-            view.setOnClickListener(null);
+            if (intf != null)
+                view.setOnClickListener(null);
+            view.setOnLongClickListener(null);
         }
 
         private void bindTo(EntityCertificate certificate) {
@@ -221,6 +253,11 @@ public class AdapterCertificate extends RecyclerView.Adapter<AdapterCertificate.
         holder.wire();
     }
 
+    @Override
+    public void onViewDetachedFromWindow(@NonNull ViewHolder holder) {
+        holder.powner.recreate();
+    }
+
     interface ICertificate {
         void onSelected(EntityCertificate certificate);
     }
diff --git a/app/src/main/java/eu/faircode/email/FragmentCertificates.java b/app/src/main/java/eu/faircode/email/FragmentCertificates.java
new file mode 100644
index 0000000000..6ab40c602c
--- /dev/null
+++ b/app/src/main/java/eu/faircode/email/FragmentCertificates.java
@@ -0,0 +1,110 @@
+package eu.faircode.email;
+
+/*
+    This file is part of FairEmail.
+
+    FairEmail is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    FairEmail is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with FairEmail.  If not, see <http://www.gnu.org/licenses/>.
+
+    Copyright 2018-2019 by Marcel Bokhorst (M66B)
+*/
+
+import android.content.Intent;
+import android.os.Bundle;
+import android.view.LayoutInflater;
+import android.view.View;
+import android.view.ViewGroup;
+
+import androidx.annotation.NonNull;
+import androidx.annotation.Nullable;
+import androidx.constraintlayout.widget.Group;
+import androidx.lifecycle.Observer;
+import androidx.localbroadcastmanager.content.LocalBroadcastManager;
+import androidx.recyclerview.widget.DividerItemDecoration;
+import androidx.recyclerview.widget.LinearLayoutManager;
+import androidx.recyclerview.widget.RecyclerView;
+
+import com.google.android.material.floatingactionbutton.FloatingActionButton;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class FragmentCertificates extends FragmentBase {
+    private RecyclerView rvCertificate;
+    private ContentLoadingProgressBar pbWait;
+    private Group grpReady;
+    private FloatingActionButton fab;
+
+    private AdapterCertificate adapter;
+
+    @Override
+    @Nullable
+    public View onCreateView(@NonNull LayoutInflater inflater, @Nullable ViewGroup container, @Nullable Bundle savedInstanceState) {
+        setSubtitle(R.string.title_advanced_manage_certificates);
+        setHasOptionsMenu(true);
+
+        View view = inflater.inflate(R.layout.fragment_certificates, container, false);
+
+        // Get controls
+        rvCertificate = view.findViewById(R.id.rvCertificate);
+        pbWait = view.findViewById(R.id.pbWait);
+        grpReady = view.findViewById(R.id.grpReady);
+        fab = view.findViewById(R.id.fab);
+
+        // Wire controls
+
+        rvCertificate.setHasFixedSize(false);
+        LinearLayoutManager llm = new LinearLayoutManager(getContext());
+        rvCertificate.setLayoutManager(llm);
+
+        DividerItemDecoration itemDecorator = new DividerItemDecoration(getContext(), llm.getOrientation());
+        itemDecorator.setDrawable(getContext().getDrawable(R.drawable.divider));
+        rvCertificate.addItemDecoration(itemDecorator);
+
+        adapter = new AdapterCertificate(this, null);
+        rvCertificate.setAdapter(adapter);
+
+        fab.setOnClickListener(new View.OnClickListener() {
+            @Override
+            public void onClick(View v) {
+                LocalBroadcastManager lbm = LocalBroadcastManager.getInstance(getContext());
+                lbm.sendBroadcast(new Intent(ActivitySetup.ACTION_IMPORT_CERTIFICATE));
+            }
+        });
+
+        // Initialize
+        grpReady.setVisibility(View.GONE);
+        pbWait.setVisibility(View.VISIBLE);
+
+        return view;
+    }
+
+    @Override
+    public void onActivityCreated(@Nullable Bundle savedInstanceState) {
+        super.onActivityCreated(savedInstanceState);
+
+        DB db = DB.getInstance(getContext());
+        db.certificate().liveCertificates(null).observe(getViewLifecycleOwner(), new Observer<List<EntityCertificate>>() {
+            @Override
+            public void onChanged(List<EntityCertificate> certificates) {
+                if (certificates == null)
+                    certificates = new ArrayList<>();
+
+                adapter.set(null, certificates);
+
+                pbWait.setVisibility(View.GONE);
+                grpReady.setVisibility(View.VISIBLE);
+            }
+        });
+    }
+}
diff --git a/app/src/main/java/eu/faircode/email/FragmentCompose.java b/app/src/main/java/eu/faircode/email/FragmentCompose.java
index 430244ebb0..6a91de7b4b 100644
--- a/app/src/main/java/eu/faircode/email/FragmentCompose.java
+++ b/app/src/main/java/eu/faircode/email/FragmentCompose.java
@@ -71,7 +71,6 @@ import android.view.ViewGroup;
 import android.view.inputmethod.InputMethodManager;
 import android.widget.AdapterView;
 import android.widget.ArrayAdapter;
-import android.widget.Button;
 import android.widget.CheckBox;
 import android.widget.CompoundButton;
 import android.widget.EditText;
@@ -94,6 +93,7 @@ import androidx.documentfile.provider.DocumentFile;
 import androidx.lifecycle.Lifecycle;
 import androidx.lifecycle.Observer;
 import androidx.preference.PreferenceManager;
+import androidx.recyclerview.widget.DividerItemDecoration;
 import androidx.recyclerview.widget.LinearLayoutManager;
 import androidx.recyclerview.widget.RecyclerView;
 
@@ -120,8 +120,6 @@ import org.bouncycastle.operator.OutputEncryptor;
 import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
 import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
 import org.bouncycastle.util.Store;
-import org.bouncycastle.util.io.pem.PemObject;
-import org.bouncycastle.util.io.pem.PemReader;
 import org.jsoup.nodes.Document;
 import org.jsoup.nodes.Element;
 import org.jsoup.nodes.TextNode;
@@ -138,7 +136,6 @@ import java.io.FileInputStream;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.io.InputStreamReader;
 import java.io.OutputStream;
 import java.net.UnknownHostException;
 import java.security.PrivateKey;
@@ -173,7 +170,6 @@ import javax.mail.internet.MimeMessage;
 import javax.mail.internet.MimeMultipart;
 import javax.mail.internet.ParseException;
 import javax.mail.util.ByteArrayDataSource;
-import javax.security.auth.x500.X500Principal;
 
 import static android.app.Activity.RESULT_CANCELED;
 import static android.app.Activity.RESULT_OK;
@@ -966,10 +962,10 @@ public class FragmentCompose extends FragmentBase {
         int colorEncrypt = Helper.resolveColor(getContext(), R.attr.colorEncrypt);
         ImageButton ib = (ImageButton) menu.findItem(R.id.menu_encrypt).getActionView();
         ib.setEnabled(!busy);
-        if (EntityMessage.PGP_SIGNONLY.equals(encrypt)) {
+        if (EntityMessage.PGP_SIGNONLY.equals(encrypt) || EntityMessage.SMIME_SIGNONLY.equals(encrypt)) {
             ib.setImageResource(R.drawable.baseline_gesture_24);
             ib.setImageTintList(null);
-        } else if (EntityMessage.PGP_SIGNENCRYPT.equals(encrypt)) {
+        } else if (EntityMessage.PGP_SIGNENCRYPT.equals(encrypt) || EntityMessage.SMIME_SIGNENCRYPT.equals(encrypt)) {
             ib.setImageResource(R.drawable.baseline_lock_24);
             ib.setImageTintList(ColorStateList.valueOf(colorEncrypt));
         } else {
@@ -1037,12 +1033,25 @@ public class FragmentCompose extends FragmentBase {
     }
 
     private void onMenuEncrypt() {
-        if (EntityMessage.PGP_SIGNENCRYPT.equals(encrypt))
-            encrypt = EntityMessage.PGP_SIGNONLY;
-        else if (EntityMessage.PGP_SIGNONLY.equals(encrypt))
-            encrypt = EntityMessage.ENCRYPT_NONE;
-        else
-            encrypt = EntityMessage.PGP_SIGNENCRYPT;
+        SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(getContext());
+        String encrypt_method = prefs.getString("default_encrypt_method", "pgp");
+
+        if ("pgp".equals(encrypt_method)) {
+            if (EntityMessage.ENCRYPT_NONE.equals(encrypt) || encrypt == null)
+                encrypt = EntityMessage.PGP_SIGNENCRYPT;
+            else if (EntityMessage.PGP_SIGNENCRYPT.equals(encrypt))
+                encrypt = EntityMessage.PGP_SIGNONLY;
+            else
+                encrypt = EntityMessage.ENCRYPT_NONE;
+        } else {
+            if (EntityMessage.ENCRYPT_NONE.equals(encrypt) || encrypt == null)
+                encrypt = EntityMessage.SMIME_SIGNENCRYPT;
+            else if (EntityMessage.SMIME_SIGNENCRYPT.equals(encrypt))
+                encrypt = EntityMessage.SMIME_SIGNONLY;
+            else
+                encrypt = EntityMessage.ENCRYPT_NONE;
+        }
+
         getActivity().invalidateOptionsMenu();
 
         Bundle args = new Bundle();
@@ -2481,6 +2490,7 @@ public class FragmentCompose extends FragmentBase {
 
             SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(context);
             boolean plain_only = prefs.getBoolean("plain_only", false);
+            String encrypt_method = prefs.getString("default_encrypt_method", "pgp");
             boolean sign_default = prefs.getBoolean("sign_default", false);
             boolean encrypt_default = prefs.getBoolean("encrypt_default", false);
             boolean receipt_default = prefs.getBoolean("receipt_default", false);
@@ -2517,9 +2527,15 @@ public class FragmentCompose extends FragmentBase {
                     if (plain_only)
                         data.draft.plain_only = true;
                     if (encrypt_default)
-                        data.draft.encrypt = EntityMessage.PGP_SIGNENCRYPT;
+                        if ("s/mime".equals(encrypt_method))
+                            data.draft.encrypt = EntityMessage.SMIME_SIGNENCRYPT;
+                        else
+                            data.draft.encrypt = EntityMessage.PGP_SIGNENCRYPT;
                     else if (sign_default)
-                        data.draft.encrypt = EntityMessage.PGP_SIGNONLY;
+                        if ("s/mime".equals(encrypt_method))
+                            data.draft.encrypt = EntityMessage.SMIME_SIGNONLY;
+                        else
+                            data.draft.encrypt = EntityMessage.PGP_SIGNONLY;
                     if (receipt_default)
                         data.draft.receipt_request = true;
 
@@ -3957,7 +3973,6 @@ public class FragmentCompose extends FragmentBase {
 
             View dview = LayoutInflater.from(getContext()).inflate(R.layout.dialog_certificate, null);
             final RecyclerView rvCertificate = dview.findViewById(R.id.rvCertificate);
-            final Button btnImport = dview.findViewById(R.id.btnImport);
             final ProgressBar pbWait = dview.findViewById(R.id.pbWait);
 
             final Dialog dialog = new AlertDialog.Builder(getContext())
@@ -3969,6 +3984,12 @@ public class FragmentCompose extends FragmentBase {
             LinearLayoutManager llm = new LinearLayoutManager(getContext());
             rvCertificate.setLayoutManager(llm);
 
+            DividerItemDecoration itemDecorator = new DividerItemDecoration(getContext(), llm.getOrientation());
+            Drawable divider = getContext().getDrawable(R.drawable.divider);
+            divider.mutate().setTint(getContext().getResources().getColor(R.color.lightColorSeparator));
+            itemDecorator.setDrawable(divider);
+            rvCertificate.addItemDecoration(itemDecorator);
+
             final AdapterCertificate adapter = new AdapterCertificate(this, new AdapterCertificate.ICertificate() {
                 @Override
                 public void onSelected(EntityCertificate certificate) {
@@ -3979,22 +4000,6 @@ public class FragmentCompose extends FragmentBase {
             });
             rvCertificate.setAdapter(adapter);
 
-            btnImport.setOnClickListener(new View.OnClickListener() {
-                @Override
-                public void onClick(View v) {
-                    Intent intent = new Intent(Intent.ACTION_OPEN_DOCUMENT);
-                    intent.addCategory(Intent.CATEGORY_OPENABLE);
-                    intent.setType("*/*");
-                    Helper.openAdvanced(intent);
-                    PackageManager pm = getContext().getPackageManager();
-                    if (intent.resolveActivity(pm) == null)
-                        ToastEx.makeText(getContext(), R.string.title_no_saf, Toast.LENGTH_LONG).show();
-                    else
-                        startActivityForResult(Helper.getChooser(getContext(), intent), 1);
-                }
-            });
-            btnImport.setEnabled(email != null);
-
             rvCertificate.setVisibility(View.GONE);
             pbWait.setVisibility(View.VISIBLE);
 
@@ -4010,54 +4015,6 @@ public class FragmentCompose extends FragmentBase {
 
             return dialog;
         }
-
-        @Override
-        public void onActivityResult(int requestCode, int resultCode, @Nullable Intent data) {
-            if (resultCode == RESULT_OK && data != null) {
-                Uri uri = data.getData();
-                if (uri != null) {
-                    Bundle args = new Bundle();
-                    args.putParcelable("uri", uri);
-
-                    new SimpleTask<Void>() {
-                        @Override
-                        protected Void onExecute(Context context, Bundle args) throws Throwable {
-                            Uri uri = args.getParcelable("uri");
-
-                            PemObject pem;
-                            try (InputStream is = context.getContentResolver().openInputStream(uri)) {
-                                pem = new PemReader(new InputStreamReader(is)).readPemObject();
-                            }
-
-                            ByteArrayInputStream bis = new ByteArrayInputStream(pem.getContent());
-                            CertificateFactory fact = CertificateFactory.getInstance("X.509");
-                            X509Certificate cert = (X509Certificate) fact.generateCertificate(bis);
-
-                            String fingerprint = Helper.sha256(cert.getEncoded());
-
-                            DB db = DB.getInstance(context);
-                            EntityCertificate record = db.certificate().getCertificate(fingerprint, email);
-                            if (record == null) {
-                                record = new EntityCertificate();
-                                record.fingerprint = Helper.sha256(cert.getEncoded());
-                                record.email = email;
-                                record.subject = cert.getSubjectX500Principal().getName(X500Principal.RFC2253);
-                                record.setEncoded(cert.getEncoded());
-                                record.id = db.certificate().insertCertificate(record);
-                            }
-                            // TODO: report exists
-
-                            return null;
-                        }
-
-                        @Override
-                        protected void onException(Bundle args, Throwable ex) {
-                            Helper.unexpectedError(getParentFragmentManager(), ex);
-                        }
-                    }.execute(this, args, "compose:cert");
-                }
-            }
-        }
     }
 
     public static class FragmentDialogSend extends FragmentDialogBase {
diff --git a/app/src/main/java/eu/faircode/email/FragmentOptionsPrivacy.java b/app/src/main/java/eu/faircode/email/FragmentOptionsPrivacy.java
index ea7604fd55..861b618246 100644
--- a/app/src/main/java/eu/faircode/email/FragmentOptionsPrivacy.java
+++ b/app/src/main/java/eu/faircode/email/FragmentOptionsPrivacy.java
@@ -51,6 +51,7 @@ import androidx.annotation.Nullable;
 import androidx.appcompat.app.AlertDialog;
 import androidx.appcompat.widget.SwitchCompat;
 import androidx.lifecycle.Lifecycle;
+import androidx.localbroadcastmanager.content.LocalBroadcastManager;
 import androidx.preference.PreferenceManager;
 
 import org.openintents.openpgp.util.OpenPgpApi;
@@ -62,6 +63,7 @@ import java.util.List;
 public class FragmentOptionsPrivacy extends FragmentBase implements SharedPreferences.OnSharedPreferenceChangeListener {
     private SwitchCompat swDisableTracking;
     private SwitchCompat swDisplayHidden;
+    private Spinner spEncryptMethod;
     private Spinner spOpenPgp;
     private SwitchCompat swSign;
     private SwitchCompat swEncrypt;
@@ -70,6 +72,7 @@ public class FragmentOptionsPrivacy extends FragmentBase implements SharedPrefer
     private Button btnBiometrics;
     private Button btnPin;
     private Spinner spBiometricsTimeout;
+    private Button btnManageCertificates;
     private Button btnImportKey;
     private TextView tvKeySize;
 
@@ -77,7 +80,7 @@ public class FragmentOptionsPrivacy extends FragmentBase implements SharedPrefer
 
     private final static String[] RESET_OPTIONS = new String[]{
             "disable_tracking", "display_hidden",
-            "openpgp_provider", "sign_default", "encrypt_default", "auto_decrypt",
+            "default_encrypt_method", "openpgp_provider", "sign_default", "encrypt_default", "auto_decrypt",
             "secure",
             "biometrics", "pin", "biometrics_timeout"
     };
@@ -94,6 +97,7 @@ public class FragmentOptionsPrivacy extends FragmentBase implements SharedPrefer
 
         swDisableTracking = view.findViewById(R.id.swDisableTracking);
         swDisplayHidden = view.findViewById(R.id.swDisplayHidden);
+        spEncryptMethod = view.findViewById(R.id.spEncryptMethod);
         spOpenPgp = view.findViewById(R.id.spOpenPgp);
         swSign = view.findViewById(R.id.swSign);
         swEncrypt = view.findViewById(R.id.swEncrypt);
@@ -102,6 +106,7 @@ public class FragmentOptionsPrivacy extends FragmentBase implements SharedPrefer
         btnBiometrics = view.findViewById(R.id.btnBiometrics);
         btnPin = view.findViewById(R.id.btnPin);
         spBiometricsTimeout = view.findViewById(R.id.spBiometricsTimeout);
+        btnManageCertificates = view.findViewById(R.id.btnManageCertificates);
         btnImportKey = view.findViewById(R.id.btnImportKey);
         tvKeySize = view.findViewById(R.id.tvKeySize);
 
@@ -136,6 +141,21 @@ public class FragmentOptionsPrivacy extends FragmentBase implements SharedPrefer
             }
         });
 
+        spEncryptMethod.setOnItemSelectedListener(new AdapterView.OnItemSelectedListener() {
+            @Override
+            public void onItemSelected(AdapterView<?> parent, View view, int position, long id) {
+                if (position == 1)
+                    prefs.edit().putString("default_encrypt_method", "s/mime").apply();
+                else
+                    onNothingSelected(parent);
+            }
+
+            @Override
+            public void onNothingSelected(AdapterView<?> parent) {
+                prefs.edit().remove("default_encrypt_method").apply();
+            }
+        });
+
         spOpenPgp.setOnItemSelectedListener(new AdapterView.OnItemSelectedListener() {
             @Override
             public void onItemSelected(AdapterView<?> adapterView, View view, int position, long id) {
@@ -225,6 +245,14 @@ public class FragmentOptionsPrivacy extends FragmentBase implements SharedPrefer
             }
         });
 
+        btnManageCertificates.setOnClickListener(new View.OnClickListener() {
+            @Override
+            public void onClick(View v) {
+                LocalBroadcastManager lbm = LocalBroadcastManager.getInstance(getContext());
+                lbm.sendBroadcast(new Intent(ActivitySetup.ACTION_MANAGE_CERTIFICATES));
+            }
+        });
+
         final Intent importKey = KeyChain.createInstallIntent();
         btnImportKey.setEnabled(importKey.resolveActivity(getContext().getPackageManager()) != null);
         btnImportKey.setOnClickListener(new View.OnClickListener() {
@@ -236,7 +264,7 @@ public class FragmentOptionsPrivacy extends FragmentBase implements SharedPrefer
 
         try {
             int maxKeySize = javax.crypto.Cipher.getMaxAllowedKeyLength("AES");
-            tvKeySize.setText(getString(R.string.title_aes_key_size, maxKeySize));
+            tvKeySize.setText(getString(R.string.title_advanced_aes_key_size, maxKeySize));
         } catch (NoSuchAlgorithmException ex) {
             tvKeySize.setText(Helper.formatThrowable(ex));
         }
@@ -290,6 +318,10 @@ public class FragmentOptionsPrivacy extends FragmentBase implements SharedPrefer
         swDisableTracking.setChecked(prefs.getBoolean("disable_tracking", true));
         swDisplayHidden.setChecked(prefs.getBoolean("display_hidden", false));
 
+        String encrypt_method = prefs.getString("default_encrypt_method", "pgp");
+        if ("s/mime".equals(encrypt_method))
+            spEncryptMethod.setSelection(1);
+
         String provider = prefs.getString("openpgp_provider", "org.sufficientlysecure.keychain");
         for (int pos = 0; pos < openPgpProvider.size(); pos++)
             if (provider.equals(openPgpProvider.get(pos))) {
diff --git a/app/src/main/res/layout/dialog_certificate.xml b/app/src/main/res/layout/dialog_certificate.xml
index 6deab15eb5..ff77d6a8e4 100644
--- a/app/src/main/res/layout/dialog_certificate.xml
+++ b/app/src/main/res/layout/dialog_certificate.xml
@@ -2,31 +2,19 @@
 <androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
     xmlns:app="http://schemas.android.com/apk/res-auto"
     android:layout_width="match_parent"
-    android:layout_height="wrap_content"
-    android:padding="12dp">
+    android:layout_height="wrap_content">
 
     <androidx.recyclerview.widget.RecyclerView
         android:id="@+id/rvCertificate"
         android:layout_width="0dp"
         android:layout_height="wrap_content"
+        android:padding="12dp"
         android:scrollbarStyle="outsideOverlay"
         android:scrollbars="vertical"
         app:layout_constraintEnd_toEndOf="parent"
         app:layout_constraintStart_toStartOf="parent"
         app:layout_constraintTop_toTopOf="parent" />
 
-    <Button
-        android:id="@+id/btnImport"
-        style="?android:attr/buttonStyleSmall"
-        android:layout_width="wrap_content"
-        android:layout_height="wrap_content"
-        android:layout_marginTop="12dp"
-        android:minWidth="0dp"
-        android:minHeight="0dp"
-        android:text="@string/title_import_certificate"
-        app:layout_constraintStart_toStartOf="parent"
-        app:layout_constraintTop_toBottomOf="@id/rvCertificate" />
-
     <eu.faircode.email.ContentLoadingProgressBar
         android:id="@+id/pbWait"
         style="@style/Base.Widget.AppCompat.ProgressBar"
diff --git a/app/src/main/res/layout/fragment_certificates.xml b/app/src/main/res/layout/fragment_certificates.xml
new file mode 100644
index 0000000000..a848df64ee
--- /dev/null
+++ b/app/src/main/res/layout/fragment_certificates.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="utf-8"?>
+<androidx.coordinatorlayout.widget.CoordinatorLayout xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:app="http://schemas.android.com/apk/res-auto"
+    xmlns:tools="http://schemas.android.com/tools"
+    android:layout_width="match_parent"
+    android:layout_height="match_parent"
+    tools:context="eu.faircode.email.ActivitySetup">
+
+    <androidx.constraintlayout.widget.ConstraintLayout
+        android:layout_width="match_parent"
+        android:layout_height="match_parent">
+
+        <androidx.recyclerview.widget.RecyclerView
+            android:id="@+id/rvCertificate"
+            android:layout_width="0dp"
+            android:layout_height="0dp"
+            android:scrollbarStyle="outsideOverlay"
+            android:scrollbars="vertical"
+            app:layout_constraintBottom_toBottomOf="parent"
+            app:layout_constraintEnd_toEndOf="parent"
+            app:layout_constraintStart_toStartOf="parent"
+            app:layout_constraintTop_toTopOf="parent" />
+
+        <eu.faircode.email.ContentLoadingProgressBar
+            android:id="@+id/pbWait"
+            style="@style/Base.Widget.AppCompat.ProgressBar"
+            android:layout_width="wrap_content"
+            android:layout_height="wrap_content"
+            android:indeterminate="true"
+            app:layout_constraintBottom_toBottomOf="parent"
+            app:layout_constraintEnd_toEndOf="parent"
+            app:layout_constraintStart_toStartOf="parent"
+            app:layout_constraintTop_toTopOf="parent" />
+
+        <androidx.constraintlayout.widget.Group
+            android:id="@+id/grpReady"
+            android:layout_width="0dp"
+            android:layout_height="0dp"
+            app:constraint_referenced_ids="rvCertificate" />
+    </androidx.constraintlayout.widget.ConstraintLayout>
+
+    <com.google.android.material.floatingactionbutton.FloatingActionButton
+        android:id="@+id/fab"
+        android:layout_width="wrap_content"
+        android:layout_height="wrap_content"
+        android:layout_gravity="end|bottom"
+        android:layout_margin="@dimen/fab_padding"
+        android:tint="?attr/colorFabForeground"
+        android:tooltipText="@string/title_add"
+        app:backgroundTint="?attr/colorFabBackground"
+        app:srcCompat="@drawable/baseline_add_24" />
+</androidx.coordinatorlayout.widget.CoordinatorLayout>
\ No newline at end of file
diff --git a/app/src/main/res/layout/fragment_options_privacy.xml b/app/src/main/res/layout/fragment_options_privacy.xml
index 2b5ea12b73..fb5353778f 100644
--- a/app/src/main/res/layout/fragment_options_privacy.xml
+++ b/app/src/main/res/layout/fragment_options_privacy.xml
@@ -59,6 +59,28 @@
             app:layout_constraintStart_toStartOf="parent"
             app:layout_constraintTop_toBottomOf="@id/swDisplayHidden" />
 
+        <TextView
+            android:id="@+id/tvEncryptMethod"
+            android:layout_width="0dp"
+            android:layout_height="wrap_content"
+            android:layout_marginTop="12dp"
+            android:layout_marginEnd="48dp"
+            android:text="@string/title_advanced_encrypt_method"
+            android:textAppearance="@style/Base.TextAppearance.AppCompat.Small"
+            android:textColor="?android:attr/textColorPrimary"
+            app:layout_constraintEnd_toEndOf="parent"
+            app:layout_constraintStart_toStartOf="parent"
+            app:layout_constraintTop_toBottomOf="@id/tvDisplayHiddenHint" />
+
+        <Spinner
+            android:id="@+id/spEncryptMethod"
+            android:layout_width="wrap_content"
+            android:layout_height="wrap_content"
+            android:layout_marginTop="12dp"
+            android:entries="@array/encryptMethod"
+            app:layout_constraintStart_toStartOf="parent"
+            app:layout_constraintTop_toBottomOf="@id/tvEncryptMethod" />
+
         <TextView
             android:id="@+id/tvOpenPgp"
             android:layout_width="0dp"
@@ -70,7 +92,7 @@
             android:textColor="?android:attr/textColorPrimary"
             app:layout_constraintEnd_toEndOf="parent"
             app:layout_constraintStart_toStartOf="parent"
-            app:layout_constraintTop_toBottomOf="@id/tvDisplayHiddenHint" />
+            app:layout_constraintTop_toBottomOf="@id/spEncryptMethod" />
 
         <Spinner
             android:id="@+id/spOpenPgp"
@@ -207,6 +229,18 @@
             app:layout_constraintStart_toStartOf="parent"
             app:layout_constraintTop_toBottomOf="@id/tvBiometricsTimeout" />
 
+        <Button
+            android:id="@+id/btnManageCertificates"
+            style="?android:attr/buttonStyleSmall"
+            android:layout_width="wrap_content"
+            android:layout_height="wrap_content"
+            android:layout_marginTop="12dp"
+            android:minWidth="0dp"
+            android:minHeight="0dp"
+            android:text="@string/title_advanced_manage_certificates"
+            app:layout_constraintStart_toStartOf="parent"
+            app:layout_constraintTop_toBottomOf="@id/spBiometricsTimeout" />
+
         <Button
             android:id="@+id/btnImportKey"
             style="?android:attr/buttonStyleSmall"
@@ -215,15 +249,15 @@
             android:layout_marginTop="12dp"
             android:minWidth="0dp"
             android:minHeight="0dp"
-            android:text="@string/title_import_encrypt_key"
+            android:text="@string/title_advanced_import_key"
             app:layout_constraintStart_toStartOf="parent"
-            app:layout_constraintTop_toBottomOf="@id/spBiometricsTimeout" />
+            app:layout_constraintTop_toBottomOf="@id/btnManageCertificates" />
 
         <TextView
             android:id="@+id/tvKeySize"
             android:layout_width="0dp"
             android:layout_height="wrap_content"
-            android:text="@string/title_aes_key_size"
+            android:text="@string/title_advanced_aes_key_size"
             android:textAppearance="@style/TextAppearance.AppCompat.Small"
             app:layout_constraintEnd_toEndOf="parent"
             app:layout_constraintStart_toStartOf="parent"
diff --git a/app/src/main/res/values-bg-rBG/strings.xml b/app/src/main/res/values-bg-rBG/strings.xml
index 5f6b71db3b..8022d6da32 100644
--- a/app/src/main/res/values-bg-rBG/strings.xml
+++ b/app/src/main/res/values-bg-rBG/strings.xml
@@ -138,16 +138,16 @@
     <string name="title_setup_to_do">Да се направи</string>
     <string name="title_setup_done">Готово</string>
     <string name="title_setup_error">Грешка</string>
-    <string name="title_setup_export">Изнасяне настройки</string>
-    <string name="title_setup_import">Внасяне настройки</string>
+    <string name="title_setup_export">Експортиране на настройките</string>
+    <string name="title_setup_import">Импортиране на настройки</string>
     <string name="title_setup_import_do">Импортираните профили ще се добавят, без да се презаписват съществуващите</string>
     <string name="title_setup_password">Парола</string>
     <string name="title_setup_password_repeat">Повтори парола</string>
     <string name="title_setup_password_missing">Липсва парола</string>
     <string name="title_setup_password_different">Паролите не съвпадат</string>
     <string name="title_setup_password_invalid">Грешна парола</string>
-    <string name="title_setup_exported">Настройки изнесени</string>
-    <string name="title_setup_imported">Настройки внесени</string>
+    <string name="title_setup_exported">Настройките са експортирани</string>
+    <string name="title_setup_imported">Настройките са импортирани</string>
     <string name="title_setup_import_invalid">Невалиден конфигурационен файл</string>
     <string name="title_setup_reorder_accounts">Подреждане на профили</string>
     <string name="title_setup_reorder_folders">Подреждане на папки</string>
@@ -291,8 +291,8 @@
     <string name="title_advanced_encrypt_default">Криптиране по подразбиране</string>
     <string name="title_advanced_auto_decrypt">Автоматично декриптиране на съобщение</string>
     <string name="title_advanced_secure">Скриване от екрана на последно използвани приложения и предотвратяване правенето снимка на екрана</string>
-    <string name="title_advanced_biometrics_timeout">Време на изчакване за биометрично удостоверяване</string>
     <string name="title_advanced_pin">ПИН</string>
+    <string name="title_advanced_biometrics_timeout">Време на изчакване за биометрично удостоверяване</string>
     <string name="title_advanced_english">Принудително на английски език</string>
     <string name="title_advanced_watchdog">Периодична проверка дали FairEmail е активен</string>
     <string name="title_advanced_updates">Проверка за актуализация</string>
@@ -592,6 +592,7 @@
     <string name="title_insert_template">Вмъкни шаблон</string>
     <string name="title_edit_plain_text">Редактирай като обикновен текст</string>
     <string name="title_edit_formatted_text">Редактиране като преформатиран текст</string>
+    <string name="title_select_certificate">Изберете публичен ключ</string>
     <string name="title_send_plain_text">Само обикновен текст</string>
     <string name="title_send_receipt">Заявка за доставка/четене на полученото</string>
     <string name="title_send_receipt_remark">Повечето доставчици и имейл клиенти игнорират заявките за получаване</string>
@@ -615,11 +616,11 @@
     <string name="title_no_openpgp">OpenKeychain не е намерена</string>
     <string name="title_not_encrypted">Съобщението не е подписано или криптирано</string>
     <string name="title_reset_sign_key">Нулиране на ключ за подписване</string>
-    <string name="title_import_encrypt_key">Импортиране на ключ за криптиране</string>
     <string name="title_signature_none">Съобщението не е подписано</string>
     <string name="title_signature_valid">Подписът на съобщението е валиден</string>
     <string name="title_signature_unconfirmed">Подписът на съобщението е валиден, но не е потвърден</string>
     <string name="title_signature_invalid">Подписът на съобщението е невалиден</string>
+    <string name="title_signature_store">Хранилище</string>
     <string name="title_search">Търси</string>
     <string name="title_search_server">Търси на сървъра</string>
     <string name="title_search_in">Търси в</string>
diff --git a/app/src/main/res/values-ca-rES/strings.xml b/app/src/main/res/values-ca-rES/strings.xml
index b9eb81f91a..81b40926d1 100644
--- a/app/src/main/res/values-ca-rES/strings.xml
+++ b/app/src/main/res/values-ca-rES/strings.xml
@@ -289,8 +289,8 @@
     <string name="title_advanced_openpgp">Proveïdor d’OpenPGP</string>
     <string name="title_advanced_auto_decrypt">Xifra automàticament els missatges</string>
     <string name="title_advanced_secure">Amaga de la pantalla d\'aplicacions recents i evita que es pugui fer captures de pantalla</string>
-    <string name="title_advanced_biometrics_timeout">Retard de l’autenticació biomètrica</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Retard de l’autenticació biomètrica</string>
     <string name="title_advanced_english">Forçar idioma anglès</string>
     <string name="title_advanced_watchdog">Comproveu periòdicament si FairEmail està actiu</string>
     <string name="title_advanced_updates">Comprova si hi ha actualitzacions</string>
diff --git a/app/src/main/res/values-cs-rCZ/strings.xml b/app/src/main/res/values-cs-rCZ/strings.xml
index d12c8cb6c3..c3a7a36d4b 100644
--- a/app/src/main/res/values-cs-rCZ/strings.xml
+++ b/app/src/main/res/values-cs-rCZ/strings.xml
@@ -313,8 +313,8 @@
     <string name="title_advanced_encrypt_default">Šifrovat jako výchozí</string>
     <string name="title_advanced_auto_decrypt">Automaticky dešifrovat zprávy</string>
     <string name="title_advanced_secure">Skrýt z obrazovky nedávných aplikací a zabránit pořizování snímků obrazovky</string>
-    <string name="title_advanced_biometrics_timeout">Vypršení biometrického ověření</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Vypršení biometrického ověření</string>
     <string name="title_advanced_english">Vynutit anglický jazyk</string>
     <string name="title_advanced_watchdog">Pravidelně kontrolovat, zda je FairEmail stále aktivní</string>
     <string name="title_advanced_updates">Kontrolovat aktualizace</string>
@@ -637,7 +637,6 @@
     <string name="title_no_openpgp">OpenKeychain nenalezena</string>
     <string name="title_not_encrypted">Zpráva není podepsána ani šifrována</string>
     <string name="title_reset_sign_key">Vynulovat podpisový klíč</string>
-    <string name="title_import_encrypt_key">Importovat šifrovací klíč</string>
     <string name="title_signature_none">Zpráva není podepsána</string>
     <string name="title_signature_valid">Podpis zprávy je platný</string>
     <string name="title_signature_unconfirmed">Podpis zprávy je platný, ale nepotvrzený</string>
diff --git a/app/src/main/res/values-da-rDK/strings.xml b/app/src/main/res/values-da-rDK/strings.xml
index e1b53e3096..c25e2d5fd7 100644
--- a/app/src/main/res/values-da-rDK/strings.xml
+++ b/app/src/main/res/values-da-rDK/strings.xml
@@ -290,8 +290,8 @@
     <string name="title_advanced_encrypt_default">Kryptér som standard</string>
     <string name="title_advanced_auto_decrypt">Auto-dekryptér beskeder</string>
     <string name="title_advanced_secure">Skjul fra seneste apps-skærm og forhindr skærmfotofunktion</string>
-    <string name="title_advanced_biometrics_timeout">Biometrisk godkendelse fik timeout</string>
     <string name="title_advanced_pin">PIN-kode</string>
+    <string name="title_advanced_biometrics_timeout">Biometrisk godkendelse fik timeout</string>
     <string name="title_advanced_english">Gennemtving engelsk sprog</string>
     <string name="title_advanced_watchdog">Tjek periodisk om FairEmail stadig er aktiv</string>
     <string name="title_advanced_updates">Søg efter opdateringer</string>
@@ -614,7 +614,6 @@
     <string name="title_no_openpgp">OpenKeychain ikke fundet</string>
     <string name="title_not_encrypted">Besked er ikke signeret eller krypteret</string>
     <string name="title_reset_sign_key">Nulstil sign key</string>
-    <string name="title_import_encrypt_key">Importér krypteringsnøgle</string>
     <string name="title_signature_none">Besked ikke signeret</string>
     <string name="title_signature_valid">Beskedsignatur gyldig</string>
     <string name="title_signature_unconfirmed">Beskedsignatur gyldig, men ubekræftet</string>
diff --git a/app/src/main/res/values-de-rDE/strings.xml b/app/src/main/res/values-de-rDE/strings.xml
index 20ba4115a5..095af5c3d6 100644
--- a/app/src/main/res/values-de-rDE/strings.xml
+++ b/app/src/main/res/values-de-rDE/strings.xml
@@ -290,8 +290,8 @@ Konten und Identitäten (Aliase) können bei Bedarf auch manuell eingerichtet we
     <string name="title_advanced_encrypt_default">Standardmäßig verschlüsseln</string>
     <string name="title_advanced_auto_decrypt">Nachrichten automatisch entschlüsseln</string>
     <string name="title_advanced_secure">Von den kürzlich genutzten Apps ausblenden und Screenshots verhindern</string>
-    <string name="title_advanced_biometrics_timeout">Gültigkeitsdauer der biometrischen Authentifizierung</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Gültigkeitsdauer der biometrischen Authentifizierung</string>
     <string name="title_advanced_english">Englische Sprache erzwingen</string>
     <string name="title_advanced_watchdog">Regelmäßig überprüfen, ob FairEmail noch aktiv ist</string>
     <string name="title_advanced_updates">Nach Aktualisierungen suchen</string>
@@ -591,6 +591,7 @@ Konten und Identitäten (Aliase) können bei Bedarf auch manuell eingerichtet we
     <string name="title_insert_template">Vorlage einfügen</string>
     <string name="title_edit_plain_text">Als Plain Text bearbeiten</string>
     <string name="title_edit_formatted_text">Als reformierten Text bearbeiten</string>
+    <string name="title_select_certificate">Öffentlichen Schlüssel auswählen</string>
     <string name="title_send_plain_text">Nur Text</string>
     <string name="title_send_receipt">Lieferung/Lesebestätigung anfordern</string>
     <string name="title_send_receipt_remark">Die meisten Anbieter und E-Mail-Clients ignorieren Quittungsanfragen</string>
@@ -614,11 +615,11 @@ Konten und Identitäten (Aliase) können bei Bedarf auch manuell eingerichtet we
     <string name="title_no_openpgp">OpenKeychain wurde nicht gefunden</string>
     <string name="title_not_encrypted">Nachricht ist nicht signiert oder verschlüsselt</string>
     <string name="title_reset_sign_key">Sign-Schlüssel zurücksetzen</string>
-    <string name="title_import_encrypt_key">Verschlüsselungsschlüssel importieren</string>
     <string name="title_signature_none">Unsignierte Nachricht</string>
     <string name="title_signature_valid">Gültige Nachrichtensignatur</string>
     <string name="title_signature_unconfirmed">Die Signatur der Nachricht ist zwar gültig, aber nicht bestätigt</string>
     <string name="title_signature_invalid">Ungültige Nachrichtensignatur</string>
+    <string name="title_signature_store">Speichern</string>
     <string name="title_search">Suche</string>
     <string name="title_search_server">Auf dem Server suchen</string>
     <string name="title_search_in">Suchen in</string>
diff --git a/app/src/main/res/values-es-rES/strings.xml b/app/src/main/res/values-es-rES/strings.xml
index e2203d91c4..619c0b5d6f 100644
--- a/app/src/main/res/values-es-rES/strings.xml
+++ b/app/src/main/res/values-es-rES/strings.xml
@@ -291,8 +291,8 @@
     <string name="title_advanced_encrypt_default">Cifrar por defecto</string>
     <string name="title_advanced_auto_decrypt">Descifrar automáticamente los mensajes</string>
     <string name="title_advanced_secure">Ocultar de la pantalla de aplicaciones recientes e impedir capturas de pantallas</string>
-    <string name="title_advanced_biometrics_timeout">Límite de tiempo para autenticación biométrica</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Límite de tiempo para autenticación biométrica</string>
     <string name="title_advanced_english">Forzar idioma inglés</string>
     <string name="title_advanced_watchdog">Comprobar periódicamente si FairEmail sigue activo</string>
     <string name="title_advanced_updates">Buscar actualizaciones</string>
@@ -592,6 +592,7 @@
     <string name="title_insert_template">Insertar plantilla</string>
     <string name="title_edit_plain_text">Editar como texto plano</string>
     <string name="title_edit_formatted_text">Editar como texto con formato</string>
+    <string name="title_select_certificate">Seleccionar clave pública</string>
     <string name="title_send_plain_text">Sólo en texto plano</string>
     <string name="title_send_receipt">Solicitar recibo de entrega/lectura</string>
     <string name="title_send_receipt_remark">La mayoría de los clientes y proveedores de email ignoran los pedidos de recibos</string>
@@ -615,11 +616,11 @@
     <string name="title_no_openpgp">OpenKeychain no encontrado</string>
     <string name="title_not_encrypted">El mensaje no está firmado ni cifrado</string>
     <string name="title_reset_sign_key">Restablecer clave de firma</string>
-    <string name="title_import_encrypt_key">Importar clave de cifrado</string>
     <string name="title_signature_none">Mensaje no firmado</string>
     <string name="title_signature_valid">Firma de mensaje válida</string>
     <string name="title_signature_unconfirmed">Firma del mensaje válida pero no confirmada</string>
     <string name="title_signature_invalid">Firma de mensaje no válida</string>
+    <string name="title_signature_store">Almacenar</string>
     <string name="title_search">Buscar</string>
     <string name="title_search_server">Buscar en el servidor</string>
     <string name="title_search_in">Buscar en</string>
diff --git a/app/src/main/res/values-eu-rES/strings.xml b/app/src/main/res/values-eu-rES/strings.xml
index f78ce660df..3832d9ff0c 100644
--- a/app/src/main/res/values-eu-rES/strings.xml
+++ b/app/src/main/res/values-eu-rES/strings.xml
@@ -291,8 +291,8 @@
     <string name="title_advanced_encrypt_default">Besterik ezean zifratu</string>
     <string name="title_advanced_auto_decrypt">Desenkriptatu mezuak automatikoki</string>
     <string name="title_advanced_secure">Ezkutatu erabilitako azken aplikazioen pantailatik eta saihestu pantaila-argazkia egitea</string>
-    <string name="title_advanced_biometrics_timeout">Autentifikazio biometrikoaren iraupena</string>
     <string name="title_advanced_pin">PINa</string>
+    <string name="title_advanced_biometrics_timeout">Autentifikazio biometrikoaren iraupena</string>
     <string name="title_advanced_english">Behartu hizkuntza ingelesa</string>
     <string name="title_advanced_watchdog">Aldiro egiaztatu FairEmail aktibo dagoen</string>
     <string name="title_advanced_updates">Egiaztatu eguneraketarik dagoen</string>
@@ -615,7 +615,6 @@
     <string name="title_no_openpgp">Ez da OpenKeychain aurkitu</string>
     <string name="title_not_encrypted">Mezua ez dago ez zifratuta ez sinatuta</string>
     <string name="title_reset_sign_key">Berrezarri sinadura gakoa</string>
-    <string name="title_import_encrypt_key">Inportatu zifratze-gakoa</string>
     <string name="title_signature_none">Mezua ez dago sinatuta</string>
     <string name="title_signature_valid">Mezuaren sinadura baliozkoa</string>
     <string name="title_signature_unconfirmed">Mezuaren sinadura baliozkoa da baina ez da baieztatu</string>
diff --git a/app/src/main/res/values-fi-rFI/strings.xml b/app/src/main/res/values-fi-rFI/strings.xml
index 0e37ca01a0..0950fada1b 100644
--- a/app/src/main/res/values-fi-rFI/strings.xml
+++ b/app/src/main/res/values-fi-rFI/strings.xml
@@ -291,8 +291,8 @@
     <string name="title_advanced_encrypt_default">Salaa oletusarvoisesti</string>
     <string name="title_advanced_auto_decrypt">Pura viestien salaus automaattisesti</string>
     <string name="title_advanced_secure">Piilota viimeisimpien sovellusten listasta ja estä kuvankaappausten ottaminen</string>
-    <string name="title_advanced_biometrics_timeout">Biometrisen tunnistautumisen aikakatkaisu</string>
     <string name="title_advanced_pin">PIN-koodi</string>
+    <string name="title_advanced_biometrics_timeout">Biometrisen tunnistautumisen aikakatkaisu</string>
     <string name="title_advanced_english">Pakota englannin kieli</string>
     <string name="title_advanced_watchdog">Tarkista toistuvasti, että FairEmail on edelleen aktiivinen</string>
     <string name="title_advanced_updates">Päivitysten tarkastus</string>
@@ -615,7 +615,6 @@
     <string name="title_no_openpgp">OpenKeychain ei löytynyt</string>
     <string name="title_not_encrypted">Viestiä ei ole allekirjoitettu tai salattu</string>
     <string name="title_reset_sign_key">Nollaa allekirjoitusavain</string>
-    <string name="title_import_encrypt_key">Tuo salausavain</string>
     <string name="title_signature_none">Viestiä ei allekirjoitettu</string>
     <string name="title_signature_valid">Viestin allekirjoitus pätevä</string>
     <string name="title_signature_unconfirmed">Viestin allekirjoitus pätevä muttei vahvistettu</string>
diff --git a/app/src/main/res/values-fr-rFR/strings.xml b/app/src/main/res/values-fr-rFR/strings.xml
index 82b569347e..9590f4f7d8 100644
--- a/app/src/main/res/values-fr-rFR/strings.xml
+++ b/app/src/main/res/values-fr-rFR/strings.xml
@@ -291,8 +291,8 @@
     <string name="title_advanced_encrypt_default">Chiffrer par défaut</string>
     <string name="title_advanced_auto_decrypt">Déchiffrer automatiquement les messages</string>
     <string name="title_advanced_secure">Masquer FairEmail dans la liste des applications récentes et empêcher la prise de captures d\'écran</string>
-    <string name="title_advanced_biometrics_timeout">Délai d\'authentification biométrique</string>
     <string name="title_advanced_pin">Code PIN</string>
+    <string name="title_advanced_biometrics_timeout">Délai d\'authentification biométrique</string>
     <string name="title_advanced_english">Forcer la langue anglaise</string>
     <string name="title_advanced_watchdog">Vérifier périodiquement si FairEmail est toujours actif</string>
     <string name="title_advanced_updates">Vérifier les mises à jour</string>
@@ -593,7 +593,6 @@
     <string name="title_edit_plain_text">Modifier comme texte brut</string>
     <string name="title_edit_formatted_text">Modifier comme texte reformaté</string>
     <string name="title_select_certificate">Sélectionner la clé publique</string>
-    <string name="title_import_certificate">Importer</string>
     <string name="title_send_plain_text">Texte brut seulement</string>
     <string name="title_send_receipt">Demander un accusé de réception/lecture</string>
     <string name="title_send_receipt_remark">La plupart des fournisseurs et des clients de messagerie ignorent les demandes d\'accusé de réception</string>
@@ -617,11 +616,11 @@
     <string name="title_no_openpgp">OpenKeychain introuvable</string>
     <string name="title_not_encrypted">Le message n\'est pas signé ou chiffré</string>
     <string name="title_reset_sign_key">Réinitialiser la clé de signature</string>
-    <string name="title_import_encrypt_key">Importer la clé de chiffrement</string>
     <string name="title_signature_none">Message non signé</string>
     <string name="title_signature_valid">Signature de message valide</string>
     <string name="title_signature_unconfirmed">Signature du message valide mais non confirmée</string>
     <string name="title_signature_invalid">Signature de message invalide</string>
+    <string name="title_signature_store">Enregistrer</string>
     <string name="title_search">Rechercher</string>
     <string name="title_search_server">Rechercher sur le serveur</string>
     <string name="title_search_in">Rechercher dans</string>
diff --git a/app/src/main/res/values-hr-rHR/strings.xml b/app/src/main/res/values-hr-rHR/strings.xml
index afb7290a2b..011c8a5fc9 100644
--- a/app/src/main/res/values-hr-rHR/strings.xml
+++ b/app/src/main/res/values-hr-rHR/strings.xml
@@ -299,8 +299,8 @@ Ako je potrebno, računi i identiteti (aliasi) mogu se postaviti i ručno.    </
     <string name="title_advanced_openpgp">Pružatelj OpenPGP</string>
     <string name="title_advanced_auto_decrypt">Automatski dešifriraj poruke</string>
     <string name="title_advanced_secure">Sakrij sa zaslona nedavnih aplikacija i spriječi snimanje zaslona</string>
-    <string name="title_advanced_biometrics_timeout">Timeout biometrijske autentifikacije</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Timeout biometrijske autentifikacije</string>
     <string name="title_advanced_english">Prisiliti engleski jezik</string>
     <string name="title_advanced_watchdog">Povremeno provjeriti je li je FairEmail još uvijek aktivan</string>
     <string name="title_advanced_updates">Provjeri ažuriranja</string>
diff --git a/app/src/main/res/values-it-rIT/strings.xml b/app/src/main/res/values-it-rIT/strings.xml
index 39c60af3c7..677690a8ef 100644
--- a/app/src/main/res/values-it-rIT/strings.xml
+++ b/app/src/main/res/values-it-rIT/strings.xml
@@ -290,8 +290,8 @@
     <string name="title_advanced_encrypt_default">Crittografa di default</string>
     <string name="title_advanced_auto_decrypt">Decodifica automaticamente i messaggi</string>
     <string name="title_advanced_secure">Nascondi dalla schermata delle app recenti e impedisci di catturare screenshot</string>
-    <string name="title_advanced_biometrics_timeout">Timeout autenticazione biometrica</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Timeout autenticazione biometrica</string>
     <string name="title_advanced_english">Forza la lingua inglese</string>
     <string name="title_advanced_watchdog">Controlla periodicamente se FairEmail è ancora attiva</string>
     <string name="title_advanced_updates">Controlla aggiornamenti</string>
@@ -592,7 +592,6 @@
     <string name="title_edit_plain_text">Modifica come testo semplice</string>
     <string name="title_edit_formatted_text">Modifica come testo riformattato</string>
     <string name="title_select_certificate">Seleziona chiave pubblica</string>
-    <string name="title_import_certificate">Importa</string>
     <string name="title_send_plain_text">Solo testo semplice</string>
     <string name="title_send_receipt">Richiedi ricevuta di consegna/lettura</string>
     <string name="title_send_receipt_remark">La maggior parte dei provider e dei client di posta elettronica ignora le richieste di ricevuta</string>
@@ -616,11 +615,11 @@
     <string name="title_no_openpgp">OpenKeychain non trovato</string>
     <string name="title_not_encrypted">Il messaggio non è firmato o cifrato</string>
     <string name="title_reset_sign_key">Reimposta il tasto del segno</string>
-    <string name="title_import_encrypt_key">Importa chiave di crittografia</string>
     <string name="title_signature_none">Messaggio non firmato</string>
     <string name="title_signature_valid">Firma messaggio valida</string>
     <string name="title_signature_unconfirmed">Firma del messaggio valida ma non confermata</string>
     <string name="title_signature_invalid">Firma messaggio non valida</string>
+    <string name="title_signature_store">Registra</string>
     <string name="title_search">Cerca</string>
     <string name="title_search_server">Cerca sul server</string>
     <string name="title_search_in">Cerca in</string>
diff --git a/app/src/main/res/values-nl-rNL/strings.xml b/app/src/main/res/values-nl-rNL/strings.xml
index 56af2b20f2..5d1e209e26 100644
--- a/app/src/main/res/values-nl-rNL/strings.xml
+++ b/app/src/main/res/values-nl-rNL/strings.xml
@@ -286,13 +286,16 @@
     <string name="title_advanced_sound">Selecteer meldingsgeluid</string>
     <string name="title_advanced_tracking">Automatisch herkennen en uitschakelen van tracking-afbeeldingen</string>
     <string name="title_advanced_display_hidden">Verborgen berichtteksten weergeven</string>
+    <string name="title_advanced_encrypt_method">Standaard versleutelingsmethode</string>
     <string name="title_advanced_openpgp">OpenPGP provider</string>
     <string name="title_advanced_sign_default">Standaard ondertekenen</string>
     <string name="title_advanced_encrypt_default">Standaard versleutelen</string>
     <string name="title_advanced_auto_decrypt">Berichten automatisch ontsleutelen</string>
     <string name="title_advanced_secure">Verbergen van recente apps scherm en voorkomen dat screenshots worden gemaakt</string>
-    <string name="title_advanced_biometrics_timeout">Biometrische verificatie verloopt na</string>
     <string name="title_advanced_pin">Pincode</string>
+    <string name="title_advanced_biometrics_timeout">Biometrische verificatie verloopt na</string>
+    <string name="title_advanced_manage_certificates">Publieke sleutels beheren</string>
+    <string name="title_advanced_import_key">Importeer privésleutel</string>
     <string name="title_advanced_english">Forceer Engelse taal</string>
     <string name="title_advanced_watchdog">Periodiek controleren of FairEmail nog actief is</string>
     <string name="title_advanced_updates">Controleren op updates</string>
@@ -593,7 +596,7 @@
     <string name="title_edit_plain_text">Bewerk als platte tekst</string>
     <string name="title_edit_formatted_text">Bewerk als geformatteerde tekst</string>
     <string name="title_select_certificate">Selecteer publieke sleutel</string>
-    <string name="title_import_certificate">Importeer</string>
+    <string name="title_import_certificate">Importeer publieke sleutel</string>
     <string name="title_send_plain_text">Alleen platte tekst</string>
     <string name="title_send_receipt">Vraag ontvangst/leesbevestiging</string>
     <string name="title_send_receipt_remark">De meeste aanbieders en e-mail clients negeren bevestigingsverzoeken</string>
@@ -617,7 +620,6 @@
     <string name="title_no_openpgp">OpenKeychain niet gevonden</string>
     <string name="title_not_encrypted">Bericht is niet ondertekend of versleuteld</string>
     <string name="title_reset_sign_key">Reset tekensleutel</string>
-    <string name="title_import_encrypt_key">Coderingssleutel importeren</string>
     <string name="title_signature_none">Bericht niet ondertekend</string>
     <string name="title_signature_valid">Handtekening bericht geldig</string>
     <string name="title_signature_unconfirmed">Handtekening bericht geldig maar niet bevestigd</string>
diff --git a/app/src/main/res/values-nn-rNO/strings.xml b/app/src/main/res/values-nn-rNO/strings.xml
index c73712241f..98e1e6458c 100644
--- a/app/src/main/res/values-nn-rNO/strings.xml
+++ b/app/src/main/res/values-nn-rNO/strings.xml
@@ -291,8 +291,8 @@
     <string name="title_advanced_encrypt_default">Krypter som standard</string>
     <string name="title_advanced_auto_decrypt">Dekrypter meldinger automatisk</string>
     <string name="title_advanced_secure">Skjul fra nylige app-skjermbilde og forhindre å ta skjermbilder</string>
-    <string name="title_advanced_biometrics_timeout">Biometrisk autentisering timeout</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Biometrisk autentisering timeout</string>
     <string name="title_advanced_english">Tving bruk av engelsk</string>
     <string name="title_advanced_watchdog">Kontroller regelmessig om FairEmail fortsatt er aktiv</string>
     <string name="title_advanced_updates">Se etter oppdateringer</string>
@@ -593,7 +593,6 @@
     <string name="title_edit_plain_text">Rediger som ren tekst</string>
     <string name="title_edit_formatted_text">Rediger som omformatert tekst</string>
     <string name="title_select_certificate">Velg offentlig nøkkel</string>
-    <string name="title_import_certificate">Importer</string>
     <string name="title_send_plain_text">Bare vanlig tekst</string>
     <string name="title_send_receipt">Be om levert/lest kvittering</string>
     <string name="title_send_receipt_remark">De fleste tilbydere og e-post klienter ignorerer kvitterings forespørsler</string>
@@ -617,11 +616,11 @@
     <string name="title_no_openpgp">Finner ikke OpenKeychain</string>
     <string name="title_not_encrypted">Meldingen er ikke signert eller kryptert</string>
     <string name="title_reset_sign_key">Tilbakestill signert nøkkel</string>
-    <string name="title_import_encrypt_key">Importer krypteringsnøkkel</string>
     <string name="title_signature_none">Melding ikke signert</string>
     <string name="title_signature_valid">Meldings signatur gyldig</string>
     <string name="title_signature_unconfirmed">Meldingssignatur er gyldig, men ikke bekreftet</string>
     <string name="title_signature_invalid">Meldings signatur ugyldig</string>
+    <string name="title_signature_store">Lagre</string>
     <string name="title_search">Søk</string>
     <string name="title_search_server">Søk på server</string>
     <string name="title_search_in">Søk i</string>
diff --git a/app/src/main/res/values-no-rNO/strings.xml b/app/src/main/res/values-no-rNO/strings.xml
index c73712241f..98e1e6458c 100644
--- a/app/src/main/res/values-no-rNO/strings.xml
+++ b/app/src/main/res/values-no-rNO/strings.xml
@@ -291,8 +291,8 @@
     <string name="title_advanced_encrypt_default">Krypter som standard</string>
     <string name="title_advanced_auto_decrypt">Dekrypter meldinger automatisk</string>
     <string name="title_advanced_secure">Skjul fra nylige app-skjermbilde og forhindre å ta skjermbilder</string>
-    <string name="title_advanced_biometrics_timeout">Biometrisk autentisering timeout</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Biometrisk autentisering timeout</string>
     <string name="title_advanced_english">Tving bruk av engelsk</string>
     <string name="title_advanced_watchdog">Kontroller regelmessig om FairEmail fortsatt er aktiv</string>
     <string name="title_advanced_updates">Se etter oppdateringer</string>
@@ -593,7 +593,6 @@
     <string name="title_edit_plain_text">Rediger som ren tekst</string>
     <string name="title_edit_formatted_text">Rediger som omformatert tekst</string>
     <string name="title_select_certificate">Velg offentlig nøkkel</string>
-    <string name="title_import_certificate">Importer</string>
     <string name="title_send_plain_text">Bare vanlig tekst</string>
     <string name="title_send_receipt">Be om levert/lest kvittering</string>
     <string name="title_send_receipt_remark">De fleste tilbydere og e-post klienter ignorerer kvitterings forespørsler</string>
@@ -617,11 +616,11 @@
     <string name="title_no_openpgp">Finner ikke OpenKeychain</string>
     <string name="title_not_encrypted">Meldingen er ikke signert eller kryptert</string>
     <string name="title_reset_sign_key">Tilbakestill signert nøkkel</string>
-    <string name="title_import_encrypt_key">Importer krypteringsnøkkel</string>
     <string name="title_signature_none">Melding ikke signert</string>
     <string name="title_signature_valid">Meldings signatur gyldig</string>
     <string name="title_signature_unconfirmed">Meldingssignatur er gyldig, men ikke bekreftet</string>
     <string name="title_signature_invalid">Meldings signatur ugyldig</string>
+    <string name="title_signature_store">Lagre</string>
     <string name="title_search">Søk</string>
     <string name="title_search_server">Søk på server</string>
     <string name="title_search_in">Søk i</string>
diff --git a/app/src/main/res/values-pl-rPL/strings.xml b/app/src/main/res/values-pl-rPL/strings.xml
index e391fddbc3..eb11b7614f 100644
--- a/app/src/main/res/values-pl-rPL/strings.xml
+++ b/app/src/main/res/values-pl-rPL/strings.xml
@@ -311,8 +311,8 @@
     <string name="title_advanced_openpgp">Dostawca OpenPGP</string>
     <string name="title_advanced_auto_decrypt">Automatycznie odszyfruj wiadomości</string>
     <string name="title_advanced_secure">Ukryj z ekranu najnowszych aplikacji i uniemożliwiaj wykonywanie zrzutów ekranu</string>
-    <string name="title_advanced_biometrics_timeout">Limit czasu uwierzytelniania biometrycznego</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Limit czasu uwierzytelniania biometrycznego</string>
     <string name="title_advanced_english">Wymuś język angielski</string>
     <string name="title_advanced_watchdog">Okresowo sprawdzaj, czy FairEmail jest nadal aktywny</string>
     <string name="title_advanced_updates">Sprawdź aktualizacje</string>
diff --git a/app/src/main/res/values-pt-rBR/strings.xml b/app/src/main/res/values-pt-rBR/strings.xml
index 4dec44126e..a48bfe5df6 100644
--- a/app/src/main/res/values-pt-rBR/strings.xml
+++ b/app/src/main/res/values-pt-rBR/strings.xml
@@ -282,8 +282,8 @@
     <string name="title_advanced_display_hidden">Exibir textos de mensagens ocultas</string>
     <string name="title_advanced_openpgp">Provedor OpenPGP</string>
     <string name="title_advanced_auto_decrypt">Descriptografar mensagens automaticamente</string>
-    <string name="title_advanced_biometrics_timeout">Tempo esgotado para a Autenticação Biométrica</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Tempo esgotado para a Autenticação Biométrica</string>
     <string name="title_advanced_english">Forçar em inglês</string>
     <string name="title_advanced_watchdog">Verifique periodicamente se o FairEmail ainda está ativo</string>
     <string name="title_advanced_updates">Procurar por atualizações</string>
diff --git a/app/src/main/res/values-ro-rRO/strings.xml b/app/src/main/res/values-ro-rRO/strings.xml
index 803f416284..0b2f46326a 100644
--- a/app/src/main/res/values-ro-rRO/strings.xml
+++ b/app/src/main/res/values-ro-rRO/strings.xml
@@ -301,8 +301,8 @@
     <string name="title_advanced_encrypt_default">Criptare în mod implicit</string>
     <string name="title_advanced_auto_decrypt">Decriptează automat mesajele</string>
     <string name="title_advanced_secure">Ascunde din lista de aplicații recente și previne capturarea ecranului</string>
-    <string name="title_advanced_biometrics_timeout">Expirare autentificarea biometrică</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Expirare autentificarea biometrică</string>
     <string name="title_advanced_english">Forțează folosirea limbii Engleze</string>
     <string name="title_advanced_watchdog">Verifică periodic dacă FairEmail este încă activ</string>
     <string name="title_advanced_updates">Verificare actualizări aplicație</string>
@@ -625,7 +625,6 @@
     <string name="title_no_openpgp">OpenKeychain nu a fost găsit</string>
     <string name="title_not_encrypted">Mesajul nu este semnat sau criptat</string>
     <string name="title_reset_sign_key">Resetare cheie de semnare</string>
-    <string name="title_import_encrypt_key">Importă cheie de criptare</string>
     <string name="title_signature_none">Mesaj nesemnat</string>
     <string name="title_signature_valid">Semnătura mesaj validă</string>
     <string name="title_signature_unconfirmed">Semnătura mesajului este validă dar nu este confirmată</string>
diff --git a/app/src/main/res/values-ru-rRU/strings.xml b/app/src/main/res/values-ru-rRU/strings.xml
index 3643c766a7..b07dfe4718 100644
--- a/app/src/main/res/values-ru-rRU/strings.xml
+++ b/app/src/main/res/values-ru-rRU/strings.xml
@@ -313,8 +313,8 @@
     <string name="title_advanced_encrypt_default">Шифровать по умолчанию</string>
     <string name="title_advanced_auto_decrypt">Автоматически расшифровывать сообщения</string>
     <string name="title_advanced_secure">Скрыть с экрана недавних приложений и запретить создание снимков экрана</string>
-    <string name="title_advanced_biometrics_timeout">Таймаут биометрической аутентификации</string>
     <string name="title_advanced_pin">PIN-код</string>
+    <string name="title_advanced_biometrics_timeout">Таймаут биометрической аутентификации</string>
     <string name="title_advanced_english">Принудительно использовать английский язык</string>
     <string name="title_advanced_watchdog">Регулярно проверять, активен ли FairEmail</string>
     <string name="title_advanced_updates">Проверять наличие обновлений</string>
@@ -615,7 +615,6 @@
     <string name="title_edit_plain_text">Редактировать как простой текст</string>
     <string name="title_edit_formatted_text">Редактировать как исходный текст</string>
     <string name="title_select_certificate">Выбор открытого ключа</string>
-    <string name="title_import_certificate">Импорт</string>
     <string name="title_send_plain_text">Только простой текст</string>
     <string name="title_send_receipt">Запросить уведомление о доставке/прочтении</string>
     <string name="title_send_receipt_remark">Большинство провайдеров и клиентов электронной почты игнорируют запросы о доставке</string>
@@ -639,7 +638,6 @@
     <string name="title_no_openpgp">OpenKeychain не найдено</string>
     <string name="title_not_encrypted">Сообщение не подписано и не зашифровано</string>
     <string name="title_reset_sign_key">Сброс ключа подписи</string>
-    <string name="title_import_encrypt_key">Импорт ключа шифрования</string>
     <string name="title_signature_none">Сообщение не подписано</string>
     <string name="title_signature_valid">Подпись сообщения действительна</string>
     <string name="title_signature_unconfirmed">Подпись сообщения действительна, но не подтверждена</string>
diff --git a/app/src/main/res/values-sr-rSP/strings.xml b/app/src/main/res/values-sr-rSP/strings.xml
index bd01723f9e..73f30bd5f1 100644
--- a/app/src/main/res/values-sr-rSP/strings.xml
+++ b/app/src/main/res/values-sr-rSP/strings.xml
@@ -289,8 +289,8 @@
     <string name="title_advanced_tracking">Аутоматски препознај и искључи слике које Вас прате</string>
     <string name="title_advanced_display_hidden">Прикажи сакривене текстове порука</string>
     <string name="title_advanced_auto_decrypt">Аутоматски дешифруј поруке</string>
-    <string name="title_advanced_biometrics_timeout">Време истека на биометријску проверу идентитета</string>
     <string name="title_advanced_pin">ПИН</string>
+    <string name="title_advanced_biometrics_timeout">Време истека на биометријску проверу идентитета</string>
     <string name="title_advanced_english">Форсирај енглески језик</string>
     <string name="title_advanced_watchdog">Периодично проверавај да ли је FairEmail и даље активан</string>
     <string name="title_advanced_updates">Провери за ажурирања</string>
diff --git a/app/src/main/res/values-sv-rSE/strings.xml b/app/src/main/res/values-sv-rSE/strings.xml
index c4932a2b66..028d721762 100644
--- a/app/src/main/res/values-sv-rSE/strings.xml
+++ b/app/src/main/res/values-sv-rSE/strings.xml
@@ -270,8 +270,8 @@
     <string name="title_advanced_openpgp">OpenPGP-leverantör</string>
     <string name="title_advanced_auto_decrypt">Dekryptera meddelanden automatiskt</string>
     <string name="title_advanced_secure">Dölj dig från senaste appar-skärmen och förhindra tagning av skärmdumpar</string>
-    <string name="title_advanced_biometrics_timeout">Tidsgräns för biometrisk autentisering</string>
     <string name="title_advanced_pin">PIN-kod</string>
+    <string name="title_advanced_biometrics_timeout">Tidsgräns för biometrisk autentisering</string>
     <string name="title_advanced_english">Tvinga användning av engelska</string>
     <string name="title_advanced_watchdog">Kontrollera regelbundet om FairEmail fortfarande är aktiv</string>
     <string name="title_advanced_updates">Sök efter uppdateringar</string>
diff --git a/app/src/main/res/values-tr-rTR/strings.xml b/app/src/main/res/values-tr-rTR/strings.xml
index b7049f175d..9fabf9c44d 100644
--- a/app/src/main/res/values-tr-rTR/strings.xml
+++ b/app/src/main/res/values-tr-rTR/strings.xml
@@ -291,8 +291,8 @@
     <string name="title_advanced_encrypt_default">Varsayılan olarak şifrele</string>
     <string name="title_advanced_auto_decrypt">İletilerin şifrelerini otomatik olarak çöz</string>
     <string name="title_advanced_secure">Son kullanılan uygulamalar ekranından gizle ve ekran görüntüsü alınmasını engelle</string>
-    <string name="title_advanced_biometrics_timeout">Biyometrik doğrulama süresi bitti</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Biyometrik doğrulama süresi bitti</string>
     <string name="title_advanced_english">İngilizce Diline Zorla</string>
     <string name="title_advanced_watchdog">Düzenli aralıklarla FairEmail hala etkin mi diye kontrol et</string>
     <string name="title_advanced_updates">Güncellemelere bak</string>
@@ -615,7 +615,6 @@
     <string name="title_no_openpgp">OpenKeychain bulunamadı</string>
     <string name="title_not_encrypted">Mesaj imzalı veya şifreli değil</string>
     <string name="title_reset_sign_key">İmzalama anahtarını sıfırla</string>
-    <string name="title_import_encrypt_key">Şifreleme anahtarını içe aktar</string>
     <string name="title_signature_none">İleti imzalı değil</string>
     <string name="title_signature_valid">İleti imzası geçerli</string>
     <string name="title_signature_unconfirmed">Mesaj imzası geçerli ancak onaylanmamış</string>
diff --git a/app/src/main/res/values-zh-rCN/strings.xml b/app/src/main/res/values-zh-rCN/strings.xml
index be7fa6edbc..861b651081 100644
--- a/app/src/main/res/values-zh-rCN/strings.xml
+++ b/app/src/main/res/values-zh-rCN/strings.xml
@@ -279,8 +279,8 @@
     <string name="title_advanced_encrypt_default">默认加密</string>
     <string name="title_advanced_auto_decrypt">自动解密消息</string>
     <string name="title_advanced_secure">从\"最近应用\"列表中隐藏并阻止截屏</string>
-    <string name="title_advanced_biometrics_timeout">生物认证超时时间</string>
     <string name="title_advanced_pin">PIN 码</string>
+    <string name="title_advanced_biometrics_timeout">生物认证超时时间</string>
     <string name="title_advanced_english">强制使用英语</string>
     <string name="title_advanced_watchdog">定期检查FairEmail是否仍在运行</string>
     <string name="title_advanced_updates">检查更新</string>
@@ -581,7 +581,6 @@
     <string name="title_edit_plain_text">以纯文本形式编辑</string>
     <string name="title_edit_formatted_text">以格式化文本形式编辑</string>
     <string name="title_select_certificate">选择公钥</string>
-    <string name="title_import_certificate">导入</string>
     <string name="title_send_plain_text">仅纯文本</string>
     <string name="title_send_receipt">请求送达／已读回执</string>
     <string name="title_send_receipt_remark">大多数供应商和电子邮件客户都忽略回执请求</string>
@@ -605,11 +604,11 @@
     <string name="title_no_openpgp">OpenKeychain 未找到</string>
     <string name="title_not_encrypted">消息未签名或加密</string>
     <string name="title_reset_sign_key">重置签名密钥</string>
-    <string name="title_import_encrypt_key">导入加密密钥</string>
     <string name="title_signature_none">消息未签名</string>
     <string name="title_signature_valid">消息签名有效</string>
     <string name="title_signature_unconfirmed">消息签名有效但未确认</string>
     <string name="title_signature_invalid">消息签名无效</string>
+    <string name="title_signature_store">存储</string>
     <string name="title_search">搜索</string>
     <string name="title_search_server">在服务器上搜索</string>
     <string name="title_search_in">搜索范围</string>
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index fce1abcd8c..80df68d5ac 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -330,13 +330,17 @@
 
     <string name="title_advanced_tracking">Automatically recognize and disable tracking images</string>
     <string name="title_advanced_display_hidden">Display hidden message texts</string>
+    <string name="title_advanced_encrypt_method">Default encryption method</string>
     <string name="title_advanced_openpgp">OpenPGP provider</string>
     <string name="title_advanced_sign_default">Sign by default</string>
     <string name="title_advanced_encrypt_default">Encrypt by default</string>
     <string name="title_advanced_auto_decrypt">Automatically decrypt messages</string>
     <string name="title_advanced_secure">Hide from recent apps screen and prevent taking screenshots</string>
-    <string name="title_advanced_biometrics_timeout">Biometric authentication timeout</string>
     <string name="title_advanced_pin">PIN</string>
+    <string name="title_advanced_biometrics_timeout">Biometric authentication timeout</string>
+    <string name="title_advanced_manage_certificates">Manage public keys</string>
+    <string name="title_advanced_import_key">Import private key</string>
+    <string name="title_advanced_aes_key_size" translatable="false">Max AES key size: %1$d</string>
 
     <string name="title_advanced_english">Force English language</string>
     <string name="title_advanced_watchdog">Periodically check if FairEmail is still active</string>
@@ -674,7 +678,7 @@
     <string name="title_edit_plain_text">Edit as plain text</string>
     <string name="title_edit_formatted_text">Edit as reformatted text</string>
     <string name="title_select_certificate">Select public key</string>
-    <string name="title_import_certificate">Import</string>
+    <string name="title_import_certificate">Import public key</string>
     <string name="title_send_plain_text">Plain text only</string>
     <string name="title_send_receipt">Request delivery/read receipt</string>
     <string name="title_send_receipt_remark">Most providers and email clients ignore receipt requests</string>
@@ -700,8 +704,6 @@
     <string name="title_no_openpgp">OpenKeychain not found</string>
     <string name="title_not_encrypted">Message is not signed or encrypted</string>
     <string name="title_reset_sign_key">Reset sign key</string>
-    <string name="title_import_encrypt_key">Import encryption key</string>
-    <string name="title_aes_key_size" translatable="false">Max AES key size: %1$d</string>
 
     <string name="title_signature_none">Message not signed</string>
     <string name="title_signature_valid">Message signature valid</string>
@@ -1157,6 +1159,11 @@
         <item>Large</item>
     </string-array>
 
+    <string-array name="encryptMethod" translatable="false">
+        <item>PGP</item>
+        <item>S/MIME</item>
+    </string-array>
+
     <string-array name="encryptNames">
         <item>None</item>
         <item>PGP sign-only</item>