This submenu is called up from Domain Certificates.
Sections on this page:
•Manual S/MIME domain certificates
Section Domain encryption usage
Note on the functioning of the Domain encryption.
Section Filter manual S/MIME domains
Clicking on Filter... checks whether there is a manual entry for domain encryption via S/MIME for the entered email domain.
The search term is entered as a character string.
Section Managed S/MIME domain certificates
Displays the certificates of all email domains to which domain encryption is performed using S/MIME. These domains should know the S/MIME of the email domain (s) managed by this SEPPmail Secure E-Mail Gateway. The keys for these internally by SEPPmail Secure E-Mail Gateway managed email domains can be found under Mail System Managed Domains in the Section S/MIME domain encryption. The public key for these domains can be, depending on the GINA configuration, securely downloaded by the communication partner via the GINA portal as well (see GINA Domains Domains Extended settings Certificate search and management in GINA).
|
The used S/MIME encryption algorithm (AESxxx/3DES) depends on the setting Mail Processing Ruleset generator Encryption/Decryption Outgoing e-mails Use default cipher for S/MIME encryption. |
Column |
Description |
|---|---|
Displays the email address (RFC822 name) of the key owner. |
|
(Pseudo) email address for Domain encryption. |
|
Serial number of the certificate. |
|
Issue date of the certificate in the form YYYY-MM-DD |
|
Expiration date of the certificate in the form YYYY-MM-DD |
|
Indicates whether domain encryption to the specified destination is active. |
The Import S/MIME certificate... button can be used to integrate certificates of additional communication partners (email domains). Since the certificates are usually exchanged directly by the administrators, self-signed certificates are normally sufficient here. To exclude error sources, however, it should be ensured that the domain certificates comply with the RFC 3183 (https://tools.ietf.org/html/rfc3183).
|
The domain encryption with a target domain can only be set up with one procedure, S/MIME or OpenPGP! If it is still attempted to import another key for the same target domain, this would be acknowledged with an error: OpenPGP key already exists for domain ... . |
|
If email domains intended for Domain encryption are and/or will be entered with a leading full stop "." during import, the encryption also applies to all related subdomains. This means a key entered with ".mycompany.tld" would also be valid for e.g. "ch.mycompany.tld", "de.mycompany.tld" and so on. |
