If your Gateway is operating in FIPS Mode, PGP encryption will be unavailable as it is not compliant with the standards defined by FIPS 140-2.
To set up key decryption, complete the following two procedures:
Configure the Encryption options in the System Center. Show me
Import PGP and S/MIME certificates into the Corporate area of the certificate store.
Configure the default decryption settings that you want to use.
Enable logging to monitor decryption activity. Show me
Point to the System tab.
Under Encryption, click Encryption/Decryption Defaults.
In the Encryption/Decryption Logging area, click Click here to change these settings.
In the list, select a logging level.
Click Save.
Optionally, define mail encryption endpoints to re-encrypt email messages after content checking.
Apply the configuration.
Configure the Policy Definition options in the Policy Center Show me
Create a new policy route or edit an existing policy route.
Enable decryption on the policy route.
Optionally, enable extracting PGP and S/MIME keys from email messages.
Optionally, modify the Encryption or decryption fails content rule to define the disposal action for the Email Gateway to take if an email message cannot be encrypted.