Cisco Cisco Email Security Appliance C670 Libro bianco
© 2016 Cisco and/or its affiliates. All rights reserved.
5
Organization A sending a message to Organization B:
1. Alice (Organization A) uses an email client to send an unsigned and
unencrypted message to Erin (Organization B).
2. Cisco Email Security Appliance in Organization A signs and encrypts
the messages and sends it to Organization B.
3. The email client in the Organization B decrypts and verifies the
message and displays it to Erin.
Organization B sending a message to Organization A:
1. Erin (Organization B) uses the email client to sign and encrypt a
message and sends it to Alice (Organization A).
2. Cisco Email Security Appliance in Organization A decrypts and
verifies the message.
3. Alice receives the unencrypted and unsigned message.
Cisco Email Security S/MIME Certificate Installation Requirements
Note:
For production environments, it is highly recommended organizations buy
an S/MIME certificate from a trusted and established certificate authority that
your organization would like to use for business purposes.
Creating a certificate for use with S/MIME signing on Cisco Email
Security as noted below is not recommended for production use, but
can provide good exposure in test environments.
When you create an S/MIME certificate for message signing, it must
meet the requirements described in
: Secure/Multipurpose
Internet Mail Extensions (S/MIME) Version 3.2 - Certificate Handling.
For this process, the use of an external application is required in order to
generate the certificate. The X Certificate and Key Management (XCA)
is an application that manages asymmetric keys, such as Rivest-Shamir-
Addleman (RSA) or Digital Signature Algorithm (DSA), and is intended
to be a small certificate authority (CA) for the creation and signing of
certificates. It uses the Open Secure Sockets Layer (OpenSSL) library
for the cryptographic operations.
Note:
The XCA is a third-party application that is not supported by Cisco. The use
of this application is provided only for illustration and ease of administration for S/
MIME administration, testing, and configuration. For full details and instructions on
XCA, refer to the
You can download the XCA application at either of these locations:
Macintosh Operating Systems (OSX):
.
Microsoft Windows Systems:
Create a Certificate
Complete these steps in order to create an S/MIME certificate:
Use the XCA application in order to create a new XCA database or open
a current XCA database, if one already exists.
a. From the menu bar, navigate to
File > New Database > <DB name a.
of your choice>:
Cisco Email Security How-To Guide
How-To Secure Communications
Cisco Public