Cisco Cisco Email Security Appliance C170 Betriebsanweisung
19-6
Cisco AsyncOS 9.0 for Email User Guide
Chapter 19 S/MIME Security Services
Signing, Encrypting, or Signing and Encrypting Outgoing Messages using S/MIME
•
Automatically harvesting the public keys from the incoming S/MIME signed messages. See
.
Adding a Public Key for S/MIME Encryption
Before You Begin
•
Make sure that the S/MIME certificate meets the requirements described in RFC 5750:
Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 - Certificate Handling.
Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 - Certificate Handling.
•
Make sure that the public key is in PEM format.
Procedure
Step 1
Click Mail Policies > Public Keys.
Step 2
Click Add Public Key.
Step 3
Enter the name of the public key.
Step 4
Enter the public key in PEM format.
Step 5
Submit and commit your changes.
Importing a Public Key for S/MIME Encryption
You can import S/MIME certificates from the
/configuration
directory of your appliance.
Before You Begin
•
Make sure that the S/MIME certificate meets the requirements described in RFC 5750:
Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 - Certificate Handling.
Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 - Certificate Handling.
•
Make sure that the public key is available in the
/configuration
directory of the appliance.
Procedure
Step 1
Click Mail Policies > Public Keys.
Step 2
Click Import Public Keys.
Step 3
Select the public key and click Submit.
Note
The import process may take longer if you are importing a file with large number of public keys.
Step 4
Commit your changes.
Harvesting Public Keys
You can harvest the public key of the recipient’s S/MIME certificate from the incoming S/MIME signed
messages. Harvesting of the public keys is enabled on the Mail Flow Policies. All the harvested public
keys are stored on the appliance and are listed on the S/MIME Harvested Public Keys page.
messages. Harvesting of the public keys is enabled on the Mail Flow Policies. All the harvested public
keys are stored on the appliance and are listed on the S/MIME Harvested Public Keys page.