To use S/MIME
Secure Multipurpose Internet Mail Extensions (S/MIME) is a specification for secure email messages that uses the X.509 format for digital certificates and uses various encryption algorithms such as 3DES. or PGP, you must have the correct keys for encrypting or decrypting Secure Email Gateway under the appropriate Certificate Store tab.
Private keys should be contained within certificate A digital means of proving your identity. When you send a digitally-signed message, you are sending your certificate and public key. Certificates are issued by a certification authority and can expire or be revoked. files where they are required for decrypting and signing emails. You can either import existing certificates, or create new certificates using the Generate certificate/key option or Automatic Certificate Generation using the Trust Center.
Keys used for encryption/decryption
The following table shows the keys that are used for encryption/decryption, and the Certificate Store's tab under which they must be saved.
| Technology | Direction |
|
Recipient's key | Certificate Store tab |
|---|---|---|---|---|
| S/MIME | Outgoing email | Encrypting | Public | Partners |
| Incoming email | Decrypting | Private | Corporate Can be specified as a default decryption key |
|
| PGP | Outgoing email | Encrypting | Public | Partners |
| Incoming email | Decrypting | Private | Corporate |
Keys used for signing/verification
The following table shows the keys that are used for signing/verification, and the Certificate Store's tab under which they must be saved.
| Technology | Direction |
|
Sender's key | Certificate Store tab |
|---|---|---|---|---|
| S/MIME | Outgoing email | Signing | Private | Corporate |
| Incoming email | Verification |
CA certificate for sender's public key or Self-signed CA |
Partners | |
| PGP | Outgoing email | Signing | Private | Corporate |
| Incoming email | Verification | Public | Partners |