Cisco Cisco Email Security Appliance C170 사용자 가이드
19-5
Cisco AsyncOS 9.0 for Email User Guide
Chapter 19 S/MIME Security Services
Signing, Encrypting, or Signing and Encrypting Outgoing Messages using S/MIME
Note
An S/MIME signing certificate can contain both Subject Alternative Name (Domains) and
Subject Alternative Name (Email).
Subject Alternative Name (Email).
Step 5
Click Next to view the certificate and signature information.
Step 6
Depending on your requirements, do the following:
•
Enter a name for the certificate.
•
If you want to submit a CSR for the self-signed certificate to a certificate authority, click Download
Certificate Signing Request to save the CSR in PEM format to a local or network machine.
Certificate Signing Request to save the CSR in PEM format to a local or network machine.
Step 7
Submit and commit your changes.
Step 8
When the certificate authority returns the trusted public certificate signed by a private key, upload it by
clicking on the certificate’s name on the Certificates page and entering the path to the file on your local
machine or network. Make sure that the trusted public certificate that you receive is in PEM format or a
format that you can convert to PEM using before uploading to the appliance. (Tools for doing this are
included with OpenSSL, free software from http://www.openssl.org.) Uploading the certificate from the
certificate authority overwrites the existing certificate.
clicking on the certificate’s name on the Certificates page and entering the path to the file on your local
machine or network. Make sure that the trusted public certificate that you receive is in PEM format or a
format that you can convert to PEM using before uploading to the appliance. (Tools for doing this are
included with OpenSSL, free software from http://www.openssl.org.) Uploading the certificate from the
certificate authority overwrites the existing certificate.
Importing an S/MIME Signing Certificate
Before You Begin
Make sure that the certificate you are planning to import meets the requirements described in RFC 5750:
Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 - Certificate Handling.
Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 - Certificate Handling.
Procedure
Step 1
Click Network > Certificates.
Step 2
Click Add Certificate.
Step 3
Choose Import Certificate.
Step 4
Enter the path to the certificate file on your network or local machine.
Step 5
Enter the password for the file.
Step 6
Click Next to view the certificate’s information.
Step 7
Enter a name for the certificate.
Step 8
Submit and commit your changes.
Setting Up Public Keys for Encrypting Messages
You must add the public key of the recipient’s S/MIME certificate to the appliance for encrypting
messages using S/MIME. AsyncOS allows you to add the public keys to the appliance using one of the
following methods:
messages using S/MIME. AsyncOS allows you to add the public keys to the appliance using one of the
following methods:
•
Manually adding or importing the public keys to the appliance. See
and
.