Cisco Cisco Email Security Appliance C160 Guía Del Usuario
20-18
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 20 S/MIME Security Services
Verifying, Decrypting, or Decrypting and Verifying Incoming Messages using S/MIME
Adding a Public Key for S/MIME Verification
Before You Begin
•
Make sure that the public key meets the requirements described in
•
Make sure that the public key is in PEM format.
Procedure
Step 1
Click Mail Policies > Public Keys.
Step 2
Click Add Public Key.
Step 3
Enter the name of the public key.
Step 4
Enter the public key.
Step 5
Submit and commit your changes.
Note
Use the
smimeconfig
command to add public keys using CLI.
Harvesting Public Keys for S/MIME Verification
You can configure Email Security appliance to retrieve (harvest) public key from the incoming S/MIME
signed messages and use it to verify signed messages from the owner (business or consumer) of the
harvested key.
signed messages and use it to verify signed messages from the owner (business or consumer) of the
harvested key.
Note
By default, public keys from expired or self-signed S/MIME certificates are not harvested.
Procedure
1.
Enable public key harvesting using the web interface or CLI. See
2.
Request the sender to send a signed message.
3.
After the harvesting is complete, add the harvested public key to the appliance. See
.
This step is to ensure that the message is verified at the gateway level.
Enabling Public Key Harvesting
Procedure
Step 1
Click Mail Policies > Mail Flow Policies.