If the services on your network require more than a few self-signed certificates, it may be worth the additional effort to create an S/MIME
Secure Multipurpose Internet Mail Extensions (S/MIME) is a specification for secure email messages that uses the X.509 format for digital certificates and uses various encryption algorithms such as 3DES. signing certificate The certificate of the certificate authority that signed the key certificate. It contains the certificate authority's own public key. Also known as "root certificate". for your own internal Certification Authority (CA). Using certificates signed by your own CA allows the various services using the certificates to easily trust other services using certificates issued from the same CA.
- Navigate to System > Encryption > Certificate Store.
- In the task panel, click Generate certificate A digital means of proving your identity. When you send a digitally-signed message, you are sending your certificate and public key. Certificates are issued by a certification authority and can expire or be revoked./key. The Generate New Certificate or Key dialog is displayed.
- From the Type drop-down menu, select Certificate Authority.
-
Specify the remaining fields as required.
Enter only ASCII printable characters in the fields. When you mouse over, some of the fields display a tooltip. - Click Generate. The signing certificate is added to the list.
-
Apply the configuration.
You can now go on to generate and self-sign private S/MIME keys.
|
If you change any configuration or policy settings, you must Apply Configuration for the new settings to take effect. You can do this either from the Changes Made panel, or System > Configuration > Apply Configuration. See Apply new configuration for more information. If you use |