Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

25-15

User Guide for AsyncOS 10.0 for Cisco Email Security Appliances

Chapter 25 Encrypting Communication with Other MTAs

Enabling a Certificate for HTTPS

Importing a Custom Certificate Authority List

You can create a custom of list trusted certificate authorities and import it onto the appliance. The file
must be in the PEM format and include certificates for the certificate authorities that you want the
appliance to trust.

Procedure

Step 1

Navigate to the Network > Certificates page.

Step 2

Click Edit Settings in the Certificate Authorities section.

Step 3

Click Enable for the Custom List.

Step 4

Enter the full path to the custom list on a local or network machine.

Step 5

Submit and commit your changes.

Exporting a Certificate Authorities List

If you want to use only a subset of the trusted certificate authorities in the system or edit an existing
custom list, you can export the list to a .txt file and edit it to add or remove certificate authorities. After
you have finished editing the list, import the file back onto the appliance as a custom list.

Procedure

Step 1

Navigate to the Network > Certificates page.

Step 2

Click Edit Settings in the Certificate Authorities section.

Step 3

Click Export List.

AsyncOS displays the Export Certificate Authority List page.

Step 4

Select the list you want to export.

Step 5

Enter a filename for the list.

Step 6

Click Export.

AsyncOS displays a dialog box asking if want to open or save the list as a .txt file.

Enabling a Certificate for HTTPS

You can enable a certificate for HTTPS services on an IP interface using either the Network > IP
Interfaces page in the GUI or the

interfaceconfig

command in the CLI.

Procedure

Step 1

Navigate to the Network > IP Interfaces page.

Step 2

Select the interface you want to enable the HTTPS service.