Working with certificates

Article:HOWTO77657  |  Created: 2012-08-20  |  Updated: 2012-08-20  |  Article URL
Article Type
How To



Working with certificates

You can set up certificates through the Control Center.

Table: Working with certificates describes the tasks that you can perform with certificates. You can perform these tasks as needed in any order.

Table: Working with certificates



Add a new self-signed certificate.

A self-signed certificate can be used for either HTTPS communication or SMTP/TLS. Some mail servers may not be able to recognize a self-signed certificate that is used for SMTP/TLS. Many mail servers require a certificate authority-signed certificate.

See Adding a self-signed certificate.

Decide which method you want to use to add a certificate authority-signed certificate.

This topic describes the methods that you can use to add a certificate authority-signed certificate.

See Methods to add a Certificate Authority signed certificate.

Add certificate authority-signed certificates by importing them.

You can add a certificate authority-signed certificate without generating a certificate signing request in the Control Center.

See Modifying a Certificate Authority signed certificate import file.

Add your own CA or intermediate certificates.

Symantec Messaging Gateway includes preinstalled CA certificates for many common certificate authority vendors. Add a CA certificate if a certificate authority issues you an SMTP/TLS or HTTPS certificate and that certificate authority's CA certificate is not already in the Control Center.

Another reason to add a CA certificate is if your certificate requires an intermediate CA certificate. When you add the CA certificate, you complete the certificate chain to permit authentication of a certificate authority-signed certificate.

See Adding a CA or an intermediate certificate.

See an inventory of all of your CA certificates.

You can view a list of the currently installed CA certificates.

See Viewing existing CA certificates.

Request a certificate authority-signed certificate.

A certificate authority-signed certificate is more likely than a self-signed certificate to be effective for SMTP/TLS communication. It can also be used for HTTPS communication. Some possible CAs to use are listed on the Certificate Authority tab in the Control Center. However, other CAs are also supported.

See Requesting a Certificate Authority signed certificate.

Import a certificate authority-signed certificate into the Control Center.

When you receive a certificate from a certificate authority (CA), you must import it to make it available in the Control Center. In addition to the certificate, the CA might have sent you an intermediate CA certificate that you also need to install in the Control Center.

See Importing a Certificate Authority signed certificate.

Export a certificate to import on a different Symantec Messaging Gateway appliance or store as a backup.

You do not need to modify the certificate import file before import.

See Exporting a TLS and HTTPS certificate.

Replace all existing CA certificates in the Control Center with another set of CA certificates.

All existing CA certificates are removed and replaced with the CA certificates in the file that you specify.

See Replacing all existing CA certificates.

Back up CA certificates.

You can back up the CA certificates that are installed in the Control Center.

See Backing up CA certificates.

Change the certificate or domain key name.

You cannot modify any other part of a certificate. To change another part of a certificate, you must create a new certificate.

See Changing a certificate or domain key name.

Import, export, and work with application certificates.

You can import and export application certificates as needed. You can also edit, view, and delete these certificates.

See Importing an application certificate.

See Exporting an application certificate.

See Working with application certificates.

Legacy ID


Article URL

Terms of use for this information are found in Legal Notices