Cisco Cisco Email Security Appliance C160 用户指南
20-17
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 20 S/MIME Security Services
Verifying, Decrypting, or Decrypting and Verifying Incoming Messages using S/MIME
Before You Begin
•
Share the public key of the appliance's S/MIME certificate with the sender (business or consumer)
in one of the following ways:
in one of the following ways:
–
Send the public key using an electronic channels, for example, email.
–
Request the sender to the retrieve the public key using key harvesting.
The sender can use this public key to send encrypted messages to your appliance.
Note
In a B2C scenario, if your organization's S/MIME certificate is a domain certificate, some
email clients (for example, Microsoft Outlook) may not be able to send encrypted messages
using the public key of your organization's S/MIME certificate. This is because these email
clients do not support encryption using public keys of domain certificates.
email clients (for example, Microsoft Outlook) may not be able to send encrypted messages
using the public key of your organization's S/MIME certificate. This is because these email
clients do not support encryption using public keys of domain certificates.
•
Make sure that the S/MIME certificate that you plan to import meets the requirements described in
Procedure
Step 1
Click Network > Certificates.
Step 2
Click Add Certificate.
Step 3
Choose Import Certificate.
Step 4
Enter the path to the certificate file on your network or local machine.
Step 5
Enter the password for the file.
Step 6
Click Next to view the certificate’s information.
Step 7
Enter a name for the certificate.
Step 8
Submit and commit your changes.
Note
Use the
certconfig
command to add the S/MIME certificates using CLI.
Setting Up Public Keys for Verifying Signed Messages
You must add the public key of the sender’s S/MIME certificate to the appliance for verifying signed
messages. Depending on your organizational policies and processes, you can use one of the following
methods to add the public key to the appliance:
messages. Depending on your organizational policies and processes, you can use one of the following
methods to add the public key to the appliance:
•
Request the sender to send their public key using an electronic channels, for example, email. You
can then add the public key using the web interface or CLI.
can then add the public key using the web interface or CLI.
For instructions to add the public key, see
•
Retrieve the public key using key harvesting. See