01-10-2018 05:49 AM - edited 03-08-2019 07:31 PM
Hi,
We are trying to import a certificate in our ESA, this certificate will be used to encrypt the connection with the another peer, so this certificate is from the other end. Do we need the another certificate´s peer???Currently mails are going in plain-text. Im trying to import the certificate in pkcs12 but i get this error: "Invalid certificate".
Why i can get this error??
Regards.
01-10-2018 07:02 AM
The certificate to be installed on the ESA is what the ESA would offer when negotiating TLS.
The Invalid Certificate error can be generated due to multiple causes:
1. If you edited the certificate manually through a source other than the IronPort, then please check with that software vender to verify if the certificate was generated properly using their software (also make sure that the certificate contains the private key).
2. If you generated the CSR from the IronPort, took it to your (CA), and now trying to upload it back into the IronPort, then verify that you are uploading it into the Certificate Profile in which you created the CSR.
3. Certificates are imported in PKCS#12 format, however if you are applying a signed certificate for a CSR generated from the Ironport it has to be in PEM format.
Regards,
Libin Varghese
01-10-2018 07:29 AM
I explain:
We have our certificate in our ESA to say who we are. But, the other end has given us its certificate so that we import it in our ironport and in this way trust them for better encryption security since it is currently in plain text. I think this makes no sense.
01-10-2018 07:32 AM
01-10-2018 07:53 AM
We dont have any SMIME. We would like to encrypt the mails (actually sms goes in plain text) between two diferent sites. So the other customer gave us his certificate in order to import in our ESA and cypher this mails. how could we do that??
01-10-2018 08:03 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide