Open with table of contents

Set up key decryption

To set up key decryption, complete the following two procedures:

1. Configure the Encryption options in the System Center. Show me

   1. Import PGP and S/MIME certificates into the Corporate area of the certificate store.

   2. Configure the default decryption settings that you want to use.

   3. Enable logging to monitor decryption activity. Show me

      1. Point to the System tab.
      2. Under Encryption, click Encryption/Decryption Defaults.
      3. In the Encryption/Decryption Logging area, click Click here to change these settings.

      4. In the list, select a logging level.

      5. Click Save.
   4. Optionally, define mail encryption endpoints to re-encrypt email messages after content checking.
   5. Apply the configuration.
2. Configure the Policy Definition options in the Policy Center Show me

   1. Create a new policy route or edit an existing policy route.

   2. Enable decryption on the policy route.

   3. Optionally, enable extracting PGP and S/MIME keys from email messages.

   4. Optionally, modify the Encryption or decryption fails content rule to define the disposal action for the Email Gateway to take if an email message cannot be encrypted.

   5. Apply the configuration.

Tell me about...

• Required S/MIME and PGP certificates
• Certificate store overview
• Mail encryption endpoints overview

How do I...

• Import and export S/MIME and PGP certificates?
• Configure the encryption/decryption default settings?
• Create a policy route?
• Edit a policy route?
• Enable decryption on a mail policy route?
• Extract PGP and S/MIME keys from email messages?
• Apply encryption endpoints to a mail policy route?
• Work with Disposal Actions?

• Apply the new configuration?