Руководство Пользователя для Cisco Cisco Email Security Appliance C170
19-7
Cisco AsyncOS 9.0 for Email User Guide
Chapter 19 S/MIME Security Services
Signing, Encrypting, or Signing and Encrypting Outgoing Messages using S/MIME
Note
The size of the harvested public key repository on the appliance is 512 MB. If the repository is full used,
AsyncOS will automatically remove unused public keys.
AsyncOS will automatically remove unused public keys.
Procedure
Step 1
Click Mail Policies > Mail Flow Policies.
Step 2
Create a new Mail Flow Policy or modify an existing one. See
.
Step 3
Scroll down to the Security Features section.
Step 4
Under S/MIME Public Key Harvesting, do the following:
•
Enable S/MIME public key harvesting.
•
(Optional) Choose whether to harvest public keys if the verification of the incoming signed
messages fail.
messages fail.
•
(Optional) Choose whether to harvest updated public keys.
Note
If AsyncOS receives more than one updated public key from the same domain or message
within 48 hours, AsyncOS sends out a warning alert.
within 48 hours, AsyncOS sends out a warning alert.
Step 5
Submit and commit your changes.
Once you enable the harvesting, You can view the harvested public keys on the Mail Policies >
Harvested Public Keys page.
Harvested Public Keys page.
Managing S/MIME Sending Profiles
An S/MIME sending profile allows you define the following parameters:
•
S/MIME mode to use
•
S/MIME certificate for signing to use
•
S/MIME signing mode to use
•
Action to take if the public key of the recipient's S/MIME certificate is not available on the
appliance.
appliance.
You to can create, edit, delete, import, export, and search S/MIME sending profiles using AsyncOS web
interface or CLI.
interface or CLI.
Create an S/MIME Sending Profile
Procedure
Step 1
Click Mail Policies > Sending Profiles.
Step 2
Click Add Profile.