Cisco Cisco Email Security Appliance C160 Mode D'Emploi

You must add the public key of the recipient's S/MIME certificate to the appliance for encrypting 
messages. Depending on your organizational policies and processes, you can use one of the following 
methods to add the public key to the appliance:

Request the recipient to send the public key using an electronic channel, for example, email. You 
can then add the public key using the web interface or CLI.

For instructions to add the public key, see 

.

Enable public key harvesting using the web interface or CLI and request the recipient to send a 
signed message. The Email Security appliance can harvest the public key from the signed message. 

For instructions to harvest public key from an incoming signed message, see 

Make sure that the public key meets the requirements described in 

Make sure that the public key is in PEM format.

Click Mail Policies > Public Keys.

Click Add Public Key.

Enter the name of the public key.

Enter the public key.

Submit and commit your changes.

Use the 

smimeconfig

 command to add public keys using CLI.

You can configure Email Security appliance to retrieve (harvest) public key from the incoming S/MIME 
signed messages and use it to send encrypted messages to the owner (business or consumer) of the 
harvested key. 

By default, public keys from expired or self-signed S/MIME certificates are not harvested.

Make sure that the public key of the sender’s S/MIME certificate meets the requirements described in