Cisco Cisco Email Security Appliance X1070 Troubleshooting Guide
ESA Certificate Creation for Use with S/MIME
Signing
Signing
Document ID: 118853
Contributed by Robert Sherwin, Cisco TAC Engineer.
Mar 20, 2015
Mar 20, 2015
Contents
Introduction
Background Information
Create a Certificate
Import a Certificate
Associate a PEM Certificate
Related Information
Background Information
Create a Certificate
Import a Certificate
Associate a PEM Certificate
Related Information
Introduction
This document describes how to create certificates for use with Secure/Multipurpose Internet Mail Extensions
(S/MIME) signing on the Cisco Email Security Appliance (ESA).
(S/MIME) signing on the Cisco Email Security Appliance (ESA).
Background Information
When you create an S/MIME certificate for message signing, it must meet the requirements described in RFC
5750: Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 − Certificate Handling.
5750: Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 − Certificate Handling.
For this process, the use of an external application is required in order to generate the certificate. The X
Certificate and Key Management (XCA) is an application that manages asymmetric keys, such as
Rivest−Shamir−Addleman (RSA) or Digital Signature Algorithm (DSA), and is intended to be a small
Certificate Authority (CA) for the creation and signing of certificates. It uses the Open Secure Sockets Layer
(OpenSSL) library for the cryptographic operations.
Certificate and Key Management (XCA) is an application that manages asymmetric keys, such as
Rivest−Shamir−Addleman (RSA) or Digital Signature Algorithm (DSA), and is intended to be a small
Certificate Authority (CA) for the creation and signing of certificates. It uses the Open Secure Sockets Layer
(OpenSSL) library for the cryptographic operations.
Note: The XCA is a third−party application that is not supported by Cisco. The use of this application is
provided only for illustration and ease of administration for S/MIME administration, testing, and
configuration. For full details and instructions on XCA, refer to the XCA − X Certificate and key
management document.
provided only for illustration and ease of administration for S/MIME administration, testing, and
configuration. For full details and instructions on XCA, refer to the XCA − X Certificate and key
management document.
You can download the XCA application at either of these locations:
Macintosh Operating Systems (OSX): Sourceforge
•
Microsoft Windows Systems: Softpedia
•
Create a Certificate
Complete these steps in order to create an S/MIME certificate: