Enable a key server query

PGP key type is not available in FIPS mode as PGP encryption/decryption is unsupported. If your Secure Email Gateway is operating in FIPS mode, you will not be able to modify the key type and the key server request will return S/MIME Secure Multipurpose Internet Mail Extensions (S/MIME) is a specification for secure email messages that uses the X.509 format for digital certificates and uses various encryption algorithms such as 3DES. keys only.

1. Navigate to System > Encryption > Encryption/Decryption Defaults. The Encryption/Decryption Defaults page is displayed.

2. In the Automatic Encryption panel, click Click here to change these settings.

3. Under If an encryption key can not be found in the Certificate Store, select query key servers for encryption keys using.

4. Select the initial query check box and specify a key server query from the drop-down menu.

5. If required, select the fall-back query check box and specify a key server query from the drop-down menu.

6. Under If an encryption key can not be found then, select an action to take if the key server query cannot find a suitable key.

   • trigger the cryptographic failure rule

   • do not encrypt the message

   • use password encryption

7. Click Save.

8. Apply the configuration.

If you change any configuration or policy settings, you must Apply Configuration for the new settings to take effect. You can do this either from the Changes Made panel, or System > Configuration > Apply Configuration. See Apply new configuration for more information. If you use Peer Gateways (i.e. when multiple Gateways are peered), any configuration changes from a local Gateway can then be applied to all the peers at the same time. See Configure Peer Gateways for more information.