Cisco Cisco Email Security Appliance X1070 User Guide
24-5
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 24 Encrypting Communication with Other MTAs
Working with Certificates
Step 3
Select Create Self-Signed Certificate.
Step 4
Enter the following information for the self-signed certificate:
Step 5
Click Next.
Step 6
Enter a name for the certificate. By default, AsyncOS assigns the common name previously entered.
Step 7
If you will submit this certificate as a Certificate Signing Request (CSR), click Download Certificate
Signing Request to save the CSR in PEM format to a local or network machine.
Signing Request to save the CSR in PEM format to a local or network machine.
Step 8
Submit and commit your changes.
What To Do Next
See the appropriate next step:
•
.
•
About Sending a Certificate Signing Request (CSR) to a Certificate Authority
A certificate authority is a third-party organization or company that issues digital certificates used to
verify identity and distributes public keys. This provides an additional level of assurance that the
certificate is issued by a valid and trusted identity. You may purchase certificates and private keys from
a recognized certificate authority. Cisco does not recommend one service over another.
verify identity and distributes public keys. This provides an additional level of assurance that the
certificate is issued by a valid and trusted identity. You may purchase certificates and private keys from
a recognized certificate authority. Cisco does not recommend one service over another.
The Email Security appliance can create a self-signed certificate and generate a Certificate Signing
Request (CSR) to submit to a certificate authority to obtain the public certificate. The certificate
authority will return a trusted public certificate signed by a private key. Use the Network > Certificates
page in the web interface or the
Request (CSR) to submit to a certificate authority to obtain the public certificate. The certificate
authority will return a trusted public certificate signed by a private key. Use the Network > Certificates
page in the web interface or the
certconfig
command in the CLI to create the self-signed certificate,
generate the CSR, and install the trusted public certificate.
If you are acquiring or creating a certificate for the first time, search the Internet for “certificate authority
services SSL Server Certificates,” and choose the service that best meets the needs of your organization.
Follow the service’s instructions for obtaining a certificate.
services SSL Server Certificates,” and choose the service that best meets the needs of your organization.
Follow the service’s instructions for obtaining a certificate.
What To Do Next
See
Common Name
The fully qualified domain name.
Organization
The exact legal name of the organization.
Organizational Unit
Section of the organization.
City (Locality)
The city where the organization is legally located.
State (Province)
The state, county, or region where the organization is legally located.
Country
The two letter ISO abbreviation of the country where the organization is
legally located.
legally located.
Duration before expiration
The number of days before the certificate expires.
Private Key Size
Size of the private key to generate for the CSR. Only 2048-bit and 1024-bit
are supported.
are supported.