User Guide

AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 19 S/MIME Security Services
Signing, Encrypting, or Signing and Encrypting Outgoing Messages using S/MIME
3. Create a PKCS7 signature with the encrypted message digest and public key of the appliance’s S/MIME certificate.
4. Sign the message by attaching the PKCS7 signature to the message.
5. Send the signed message to the recipient.
S/MIME Encryption Workflow
The following process describes how the Email Security appliance performs S/MIME encryption.
1. Create a pseudo-random session key.
2. Encrypt the message body using the session key.
3. Encrypt the session key using the public key of the recipient's (gateway or consumer) S/MIME certificate.
4. Attach the encrypted session key to the message.
5. Send the encrypted message to the recipient.
Note: If both PXE and S/MIME encryption are enabled on the appliance, the Email Security appliance encrypts messages using S/MIME first, and then using PXE.
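
The S/MIME encryption workflow above, reproduced with the OpenSSL command line as an added example (not from the Cisco guide and not the appliance's own code): `openssl cms -encrypt` performs steps 1 to 4, and the helper functions then list the algorithms inside the resulting message and decrypt it as the recipient. The certificate, file names, function names and message text are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the Cisco guide. Certificate, file names and message
# text are constructed for the demonstration.

# Throwaway recipient key pair and self-signed certificate (constructed).
make_recipient() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=recipient.example" \
        -keyout "$1/rcpt.key" -out "$1/rcpt.crt" 2>/dev/null
}

# Steps 1-4 of the workflow: openssl generates a random session key, encrypts
# the body with it (AES-256-CBC), encrypts the session key with the public key
# in rcpt.crt, and stores both in one S/MIME (CMS EnvelopedData) message.
encrypt_for_recipient() {
    openssl cms -encrypt -binary -aes-256-cbc \
        -in "$1/body.txt" -out "$1/msg.eml" "$1/rcpt.crt"
}

# Print the algorithm names found in the message: the content type, the
# algorithm protecting the session key, and the cipher protecting the body.
envelope_algorithms() {
    openssl cms -cmsout -in "$1/msg.eml" -inform SMIME -outform DER |
        openssl asn1parse -inform DER |
        grep -E -o 'pkcs7-envelopedData|rsaEncryption|aes-256-cbc' | sort -u
}

# Recipient side: the private key recovers the session key, which decrypts
# the body. Without rcpt.key this step fails.
decrypt_as_recipient() {
    openssl cms -decrypt -in "$1/msg.eml" \
        -recip "$1/rcpt.crt" -inkey "$1/rcpt.key"
}

smime_demo() {
    d=$(mktemp -d) || return 1
    printf 'quarterly numbers attached\n' > "$d/body.txt"
    make_recipient "$d" && encrypt_for_recipient "$d" || return 1
    envelope_algorithms "$d"
    decrypt_as_recipient "$d"
    rm -rf "$d"
}

smime_demo
```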