Руководство Пользователя для Cisco Cisco Email Security Appliance C190
19-4
Cisco AsyncOS 9.0 for Email User Guide
Chapter 19 S/MIME Security Services
Signing, Encrypting, or Signing and Encrypting Outgoing Messages using S/MIME
Setting Up Certificates for Signing Messages
You must set up an S/MIME certificate for signing messages using S/MIME. The S/MIME certificate
must meet the requirements described in RFC 5750: Secure/Multipurpose Internet Mail Extensions
(S/MIME) Version 3.2 - Certificate Handling.
must meet the requirements described in RFC 5750: Secure/Multipurpose Internet Mail Extensions
(S/MIME) Version 3.2 - Certificate Handling.
AsyncOS allows you to set up S/MIME certificates for signing messages using one of the following
methods:
methods:
•
Create a self-signed S/MIME certificate using AsyncOS. See
.
•
Import an existing S/MIME certificate to the appliance. See
.
Creating a Self-Signed S/MIME Certificate
Procedure
Step 1
Click Network > Certificates.
Step 2
Click Add Certificate.
Step 3
Choose Create Self-Signed S/MIME Certificate.
Step 4
Enter the following information for the self-signed certificate:
Common Name
The fully qualified domain name.
Organization
The exact legal name of the organization.
Organizational Unit
Section of the organization.
City (Locality)
The city where the organization is legally located.
State (Province)
The state, county, or region where the organization is legally located.
Country
The two letter ISO abbreviation of the country where the organization is
legally located.
legally located.
Duration before expiration
The number of days before the certificate expires.
Subject Alternative
Name(Domains)
Name(Domains)
Name of the domain to which you plan to send signed messages. Examples
include
include
domain.com
and
*.domain.net
. For multiple entries, use a
comma-separated list.
If you configure this field, you can send signed messages to any user under
the specified domain.
the specified domain.
Subject Alternative
Name(Email)
Name(Email)
Email address of the user to whom you plan to send signed messages, for
example,
example,
user@somedomain.com
. For multiple entries, use a
comma-separated list.
If you configure this field, you can send signed messages only to the
specified email addresses.
specified email addresses.
Private Key Size
Size of the private key to generate for the CSR.