Cisco Cisco Email Security Appliance C650 Guía Del Usuario
24-7
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 24 Encrypting Communication with Other MTAs
Enabling TLS on a Listener’s HAT
Step 8
Submit and commit your changes.
What To Do Next
•
If you are deploying self-signed certificates, see
.
Exporting a Certificate
AsyncOS also allows you to export certificates and save them in the PKCS #12 format.
Note
If you are deploying a signed certificate, do not use this procedure to generate a Certificate Signing
Request (CSR). Instead, see
Request (CSR). Instead, see
.
Procedure
Step 1
Navigate to the Network > Certificates page.
Step 2
Click Export Certificate.
Step 3
Select the certificate you want to export.
Step 4
Enter the file name for the certificate.
Step 5
Enter a password for the certificate file.
Step 6
Click Export.
Step 7
Save the file to a local or network machine.
Step 8
You can export additional certificates or click Cancel to return to the Network > Certificates page.
What To Do Next
•
If you are deploying self-signed certificates, see
.
Enabling TLS on a Listener’s HAT
You must enable TLS for any listeners where you require encryption. You may want to enable TLS on
listeners facing the Internet (that is, public listeners), but not for listeners for internal systems (that is,
private listeners). Or, you may want to enable encryption for all listeners.
listeners facing the Internet (that is, public listeners), but not for listeners for internal systems (that is,
private listeners). Or, you may want to enable encryption for all listeners.
You can specify the following settings for TLS on a listener.
Table 24-2
TLS Settings for a Listener
TLS Setting
Meaning
1. No
TLS is not allowed for incoming connections. No connections to the listener
will require encrypted SMTP conversations. This is the default setting for all
listeners you configure on the appliance.
will require encrypted SMTP conversations. This is the default setting for all
listeners you configure on the appliance.