Open with table of contents

Required S/MIME and PGP certificates

To use S/MIME or PGP, you must have the correct keys in the appropriate certificate store area of the encrypting or decrypting Gateway.

Keys are contained within certificates. You can either import existing certificates or create new certificates using the certificate/key generator.

Tell me about...

• Keys used for encryption/decryption

  The following table displays the keys that are used for encryption/decryption and the area of the certificate store that they must be kept in.

  Technology	Direction	Gateway	Recipient's key	Certificate store area
  S/MIME	Outgoing email	Encrypting	Public	Partners
  	Incoming email	Decrypting	Private	Corporate Must be marked as a default decryption key
  PGP	Outgoing email	Encrypting	Public	Partners
  	Incoming email	Decrypting	Private	Corporate

• Keys used for signing/verification

  The following table displays the keys that are used for signing/verification and the area of the certificate store that they must be kept in.

  Technology	Direction	Gateway	Sender's key	Certificate store area
  S/MIME	Outgoing email	Signing	Private	Corporate
  	Incoming email	Verification	CA certificate for sender's public key --or-- Self-signed CA	Partners
  PGP	Outgoing email	Signing	Private	Corporate
  	Incoming email	Verification	Public	Partners

See also...

• Import and export key certificates
• Create an S/MIME or PGP private key
• Mark the default S/MIME decryption keys