Obtaining a Certificate for the Email Appliance

Example: Obtaining a new certificate.

You may have a business partner who requires that all email be encrypted using transport layer security (TLS). If the self-signed certificate provided with the Email Appliance is not recognized by your business partner, you may need to initiate a CSR and obtain a signed certificate.

You need a certificate from a trusted certificate authority so that your Email Appliance can be verified by any mail server requesting to communicate with your Email Appliance using TLS encryption.

1. Initiate a certificate signing request (CSR) by clicking Add on the Configuration > System > Certificates page. The Add Certificate dialog is displayed.

2. In the Add certificate dialog box, select Initiate CSR, then click OK. The CSR request dialog box is displayed.

3. Enter the required information and click OK. The CSR dialog box is displayed with the generated (CSR).

5. After saving the CSR, you need to contact the certificate authority of your choice, and follow their instructions for uploading the CSR, purchasing a suitable certificate, and downloading the resulting signed certificate.

6. After you have obtained a signed certificate, you will need to upload it to the Email Appliance. On the Configuration > System > Certificates page, click Add. The Add certificate dialog box is displayed.

7. Select Upload certificate and click OK. The Upload certificate dialog box is displayed.

8. Select Import Certificate to import the certificate from a file, or, select Paste, then paste the certificate in the Paste Certificate text box. Click OK.

The certificate is displayed in the list of available certificates,

9. To use the new certificate for email encryption, in the Certificates list, select Email Encryption, then click Apply

Your Email Appliance will now offer the new certificate when another server requests to send TLS-encrypted email to the Email Appliance.