05-24-2021 11:39 PM
Hi,
i have requirement to setup DKIM in two cisco ESA appliance, but all documentation only describe at one appliance.
my requirement is i want to setup two ESA appliance with same domain.
are there any suggestion or related documentation for my scenario ?
Regards
05-25-2021 05:28 AM
That is very easy :
Mail Policies / Signing Keys / Export Keys
this will export all DKIM signing keys into a single file onto the configuration directory of your ESA
Mail Policies / Signing Profiles / Export Profiles
this will export all DKIM signing profiles into a single file onto the configuration directory of your ESA
You then download both files to our PC and upload them into the config dictionary of ESA 2.
Then you use
Mail Policies / Signing Keys / Import Keys
Mail Policies / Signing Keys / Import Profiles
This will overwrite the existing DKIM keys and profiles on ESA2.
We do that about 1x a week. I hope that helps.
05-25-2021 06:16 AM
05-26-2021 05:57 AM
Hi Ken,
a) we add about 1-2 domains per month which we need to enable with new DKIM keys
b) we have for every domain a user and a systems DKIM signing key
c) we roll over user keys 1-2 times a year, unless required more often
d) we roll over some patient application keys at least quarterly
So busy in that area...
-Marc
05-26-2021 05:58 PM
Hi Marc,
Thanks for your answer
is it possible if i created two selector for each ESA ? for example
ESA01 : s1._domainkey.example.com
ESA02 : s2_domainkey.example.com
because export import activity will be troublesome for the operation team
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide