Руководство Пользователя для Cisco Cisco Email Security Appliance C190
26-4
Cisco AsyncOS 8.5.6 for Email User Guide
Chapter 26 FIPS Management
Managing Keys for DKIM Signing and Verification
FIPS-compliant signing keys are available for use in domain profiles and appear in the Signing Key list
when creating or editing a domain profile using the Mail Policies > Domain Profiles page. Once you
have associated a signing key with a domain profile, you can create DNS text record which contains your
public key. You do this via the Generate link in the DNS Text Record column in the domain profile listing
(or via
when creating or editing a domain profile using the Mail Policies > Domain Profiles page. Once you
have associated a signing key with a domain profile, you can create DNS text record which contains your
public key. You do this via the Generate link in the DNS Text Record column in the domain profile listing
(or via
domainkeysconfig -> profiles -> dnstxt
in the CLI).
DKIM Verification
The appliance requires a message to use a FIPS-compliant key in order to verify a DKIM signature. If
the signature does not use a FIPS-compliant key, the appliance returns a permanent failure.
the signature does not use a FIPS-compliant key, the appliance returns a permanent failure.