Usage of a Domain Key with Symantec Encryption Management Server (formerly known as PGP Universal Server)
|Article:TECH149885|||||Created: 2010-07-26|||||Updated: 2013-12-05|||||Article URL http://www.symantec.com/docs/TECH149885|
Using Symantec Encryption Management Server (SEMS - formerly known as PGP Universal Server) to encrypt to a single key for a specific recipient domain.data.
The SEMS includes the ability to create mail rules to encrypt to specific keys, rather than having to search for a specific key. Doing so could be useful if it is necessary to encrypt to a specific key under certain circumstances. It may be that the recipient domain requests a single key be used whenever sending encrypted emails to their domain, and using these mail rules makes this possible.
Use the following steps to encrypt all email messages to a domain key of an external recipient:
- Log into the Symantec Encryption Management Server admin interface.
- Click Mail > Mail Policy and then select the Outbound Policy Chain.
- Scroll down and click Add Rule.
- Type a name in the Rule Name field.
- In the Conditions section, change the value to If any of the following are true.
- Click the drop down arrow and select Recipient domain
- Leave the second value as is and type the name of the recipient domain.
- Select Actions
- In the Encrypt to section, place a checkmark next to Other Keys/Certificates.
- Click Import. The Import Key or Certificate screen is displayed.
- Import a public key file or key block for the recipient domain and then click Import.
- Click Save.
The SEMS does not support decrypting incoming encrypted mails to a single domain key for the SEMS managed domain. The SEMS does not include a single key for the entire domain for encryption and decryption. For more information on this configuration, see KB HOWTO77258.
Article URL http://www.symantec.com/docs/TECH149885