Cisco Cisco Email Security Appliance X1070 White Paper
© 2016 Cisco and/or its affiliates. All rights reserved.
3. Review the certificate and click Submit in order to commit your changes.
Associate a PEM Certificate
You must now add your PEM-formatted certificate to the S/MIME Public
Keys. Complete these steps in order to add the PEM-formatted certificate:
1. Navigate to Mail Policies > S/MIME Public Keys > Add Public Key....
2. Enter the name, as required.
3. Open the PEM (.crt) formatted certificate in an appropriate text editor (such as Notepad++ or Atom).
4. Copy the content from -----BEGIN CERTIFICATE----- through -----END CERTIFICATE-----.
5. Paste this content into the S/MIME Public Key section and click Submit.
6. Commit all changes. Your S/MIME Public Key is now set for your Cisco Email Security solution.
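A pre-paste check for step 4, as an added example that is not part of the original guide or Cisco tooling: it isolates the single CERTIFICATE block from a file that may also contain bag attributes or a private key, confirms the body decodes to one complete DER SEQUENCE, and returns the SHA-256 fingerprint of the DER bytes. The function names and the sample input are assumptions made for illustration; the check is structural only and does not parse the X.509 fields.

```python
import base64
import binascii
import hashlib
import re

# Matches one PEM certificate block; private-key blocks carry other labels.
CERT_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----\s*(.+?)\s*-----END CERTIFICATE-----", re.S)


def der_length_ok(der: bytes) -> bool:
    """True if der is one DER SEQUENCE whose length field spans it exactly."""
    if len(der) < 2 or der[0] != 0x30:
        return False
    first = der[1]
    if first < 0x80:                      # short form: length in one byte
        return len(der) == 2 + first
    n = first & 0x7F                      # long form: next n bytes hold length
    if n == 0 or len(der) < 2 + n:
        return False
    return len(der) == 2 + n + int.from_bytes(der[2:2 + n], "big")


def extract_certificate(text: str):
    """Return (pem, sha256_hex) for the only CERTIFICATE block in text."""
    blocks = CERT_RE.findall(text)
    if len(blocks) != 1:
        raise ValueError(f"expected 1 certificate block, found {len(blocks)}")
    b64 = "".join(blocks[0].split())
    try:
        der = base64.b64decode(b64, validate=True)
    except binascii.Error as exc:
        raise ValueError("certificate body is not valid base64") from exc
    if not der_length_ok(der):
        raise ValueError("decoded body is not one complete DER SEQUENCE")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    pem = "\n".join(["-----BEGIN CERTIFICATE-----", *lines,
                     "-----END CERTIFICATE-----"]) + "\n"
    return pem, hashlib.sha256(der).hexdigest()

# Constructed sample: placeholder DER bytes (not a real certificate) wrapped the
# way an export with bag attributes and a private-key block might look.
SAMPLE_DER = bytes([0x30, 0x82, 0x01, 0x00]) + bytes(range(256))
SAMPLE_FILE = (
    "Bag Attributes\n    friendlyName: constructed-example\n"
    "-----BEGIN PRIVATE KEY-----\nQUJD\n-----END PRIVATE KEY-----\n"
    "-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(SAMPLE_DER).decode()
    + "-----END CERTIFICATE-----\n"
)
```

The returned PEM text is what goes into the S/MIME Public Key field; the fingerprint can be compared with the one supplied by the certificate's owner.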
S/MIME Verification and Decryption Flowcharts
[Flowchart: S/MIME Incoming Operation. Labels shown: S/MIME email received; Encrypted?; S/MIME Gateway Decryption; Looking for an S/MIME gateway PKCS12 certificate to decrypt; Is the S/MIME gateway PKCS12 certificate found?; Decrypting; Check Triple Mode; Signed; S/MIME Gateway Verification; Looking for an S/MIME Gateway-To-Gateway Verification Profile; Found?; Signature Verification; Verifying Successfully?; Remove S/MIME signature; Mark the message as S/MIME Gateway processed; Next Processing Step.]
Certificate Harvesting
• For easier certificate management, Cisco Email Security will harvest any X.509 certificates from S/MIME gateway-to-gateway messages
• Self-signed certificates are ignored as they are considered personal
• Harvested keys DB size is 512 MB (~300K records)
  - Warning sent when DB is full
  - No DB manipulation is exposed to end user at the moment
S/MIME Verification and Public Key Harvesting features – Mail Flow Policies
Cisco Email Security How-To Guide
How-To Secure Communications
Cisco Public