| If Secure Email Gateway is operating in FIPS mode, you will be unable to create PGP keys. PGP encryption uses algorithms that are not supported. |
You can use the 
Secure Multipurpose Internet Mail Extensions (S/MIME) is a specification for secure email messages that uses the X.509 format for digital certificates and uses various encryption algorithms such as 3DES. and PGP keys. These keys can be used for signing and encryption in mail encryption endpoints.
| You can only self-sign generated S/MIME keys using a generated signing certificate The certificate of the certificate authority that signed the key certificate. It contains the certificate authority's own public key. Also known as "root certificate".. You cannot self-sign generated PGP keys. |
Create and self-sign a private S/MIME key
- Navigate to System > Encryption > Certificate Store.
- In the task panel, click Generate certificate A digital means of proving your identity. When you send a digitally-signed message, you are sending your certificate and public key. Certificates are issued by a certification authority and can expire or be revoked./key. The Generate New Certificate or Key dialog is displayed.
- From the Type drop-down menu, select S/MIME.
- From the Sign With drop-down menu, select a signing certificate that you have created yourself.
-
Specify the remaining fields as required.
Enter only ASCII printable characters in the fields. When you mouse over, some of the fields display a tooltip. - Click Generate.
- Apply the configuration.
Create an S/MIME key using a Trust Center
If you have not already configured authentication with the Trust Center, you need to do this on the Trust Center Configuration page before you can continue.
|
As described in the Required information when configuring the Trust Center section, information you need to provide may vary, depending on the product type you have with SwissSign. |
- Navigate to System > Encryption > Certificate Store.
- In the task panel, click Generate certificate/key. The Generate New Certificate or Key dialog is displayed.
- From the Type drop-down menu, select Trust Center.
-
Specify the following fields.
Name
Email
Given Name
Surname
Pseudonym
Company
Department
State
Country
Required information
Note that the following are intended as general information only and subject to change.
Silver account Gold account Gold account using pseudonym Name Enter email address Enter given name and surname
(e.g.
John Smith)Enter pseudo: pseudonym
(e.g.
pseudo: Account Team)Email Enter email address Enter email address Enter email address Given Name Leave empty
Enter given name
(e.g.
John)Leave empty Surname Leave empty Enter surname
(e.g.
Smith)Leave empty Pseudonym Leave empty Leave empty Enter pseudonym
(e.g.
Account Team)Company Optional Optional Optional Department Optional Optional Optional State Optional Optional Optional Country Select country Select country Select country Enter only ASCII printable characters in the fields. When you mouse over, some of the fields display a tooltip. -
Specify the Validity Period (1, 2 or 3 years) from the drop-down menu.
-
Specify the Key Strength (2048, 3072 or 4096) from the drop-down menu.
- Enter a password in the Password and Confirm fields.
- Click Generate.
- Apply the configuration.
Create a PGP private key
- Navigate to System > Encryption > Certificate Store.
- In the task panel, click Generate certificate/key. The Generate New Certificate or Key dialog is displayed.
- From the Type drop-down menu, select PGP.
-
Specify the remaining fields as required.
Enter only ASCII printable characters in the fields. When you mouse over, some of the fields display a tooltip. - Click Generate.
- Apply the configuration.
|
If you change any configuration or policy settings, you must Apply Configuration for the new settings to take effect. You can do this either from the Changes Made panel, or System > Configuration > Apply Configuration. See Apply new configuration for more information. If you use |