Cisco Cisco Email Security Appliance C650 Guía Del Usuario
20-7
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 20 S/MIME Security Services
Signing, Encrypting, or Signing and Encrypting Outgoing Messages using S/MIME
•
Import an existing S/MIME certificate to the appliance. See
.
Note
Cisco recommends that you use self-signed S/MIME certificates for sending signed messages to the
users within your organization or in a testing environment. For sending signed messages to external users
or in a production environment, use a valid S/MIME certificate obtained from a trusted CA.
users within your organization or in a testing environment. For sending signed messages to external users
or in a production environment, use a valid S/MIME certificate obtained from a trusted CA.
For understanding the certificate requirements for S/MIME, see
Creating a Self-Signed S/MIME Certificate
You can generate self-signed S/MIME certificates that are compliant to RFC 5750 (Secure/Multipurpose
Internet Mail Extensions (S/MIME) Version 3.2 - Certificate Handling) using the web interface or CLI.
Internet Mail Extensions (S/MIME) Version 3.2 - Certificate Handling) using the web interface or CLI.
Note
Cisco recommends that you use self-signed S/MIME certificates for sending signed messages to the
users within your organization or in a testing environment.
users within your organization or in a testing environment.
Procedure
Step 1
Click Network > Certificates.
Step 2
Click Add Certificate.
Step 3
Choose Create Self-Signed S/MIME Certificate.
Step 4
Enter the following information for the self-signed certificate:
Common Name
The fully qualified domain name.
Organization
The exact legal name of the organization.
Organizational Unit
Section of the organization.
City (Locality)
The city where the organization is legally located.
State (Province)
The state, county, or region where the organization is legally located.
Country
The two letter ISO abbreviation of the country where the organization is
legally located.
legally located.
Duration before expiration
The number of days before the certificate expires.
Subject Alternative
Name(Domains)
Name(Domains)
If you configure this field, any user from the specified domain can send
signed messages.
signed messages.
Name of the domain from which you plan to send signed messages.
Examples include
Examples include
domain.com
and
*.domain.net
. For multiple entries,
use a comma-separated list.
Subject Alternative
Name(Email)
Name(Email)
If you configure this field, only the specified users can send signed
messages.
messages.
Email address of the user who is planning to send signed messages, for
example,
example,
user@somedomain.com
. For multiple entries, use a
comma-separated list.
Private Key Size
Size of the private key to generate the certificate signing request (CSR).