Open with table of contents

Set up key encryption

To set up key encryption and signing, complete the following two procedures:

1. Configure the Encryption options in the System Center. Show me

   1. Import PGP and S/MIME certificates into the Partners area of the certificate store.

   2. Configure the default global encryption settings that you want to use.

      You can use your mail encryption endpoints to specify the encryption methods and keys that you need for your policy routes and content rules.

   3. Enable logging to monitor encryption activity. Show me

      1. Point to the System tab.
      2. Under Encryption, click Encryption/Decryption Defaults.
      3. In the Encryption/Decryption Logging area, click Click here to change these settings.

      4. In the list, select a logging level.

      5. Click Save.
   4. Define mail encryption endpoints to specify the encryption and/or signing methods that you need for your policy routes and content rules.
   5. Apply the configuration.
2. Configure the Policy Definition options in the Policy Center Show me

   1. Create a new policy route or edit an existing policy route.

   2. Enable encryption on the policy route.

   3. Optionally, override the policy route setting with a content rule.
   4. Optionally, modify the Encryption or decryption fails content rule to define the disposal action for the Email Gateway to take if an email message cannot be encrypted.
   5. Apply the configuration.

Tell me about...

• Required S/MIME and PGP certificates
• Mail encryption endpoints overview

How do I...

• Configure the encryption/decryption default settings
• Create a policy route
• Edit a policy route
• Enable encryption on a mail policy route
• Disposal Actions

• Apply the new configuration