Mark the default S/MIME decryption keys

When using S/MIME encryption, a number of default decryption keys can be specified. An organization that has multiple domains is likely to have one default key per domain, but may also issue default decryption keys on a partner-by-partner basis as well.

There is no limit on the number of certificate/key pairs that can be marked, but there will be a gradual effect on performance depending on the number of keys that need to be tried before a message can be decrypted.

Only corporate S/MIME certificates that have a private key component can be marked as being default decryption keys.

To specify the corporate key that, by default, should be used to try to decrypt an S/MIME message:

1. Navigate to System > Encryption and click Certificate Store.
2. Click the Corporate tab.
3. In the list of certificates in the information panel, click an S/MIME certificate.

4. In the task panel,click Use as default decryption key.

5. Apply the configuration.

See also...

• Apply the new configuration