Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
924
Views
0
Helpful
1
Replies

Why do we need Destination Control Certificates?

ChadH63728
Level 1
Level 1

‎10-17-2022 12:23 PM

Have a cisco Ironport C190 that is using the default ESA certificate for Destination Control. What is the purpose of having a certificate for outbound emails? Typically if you connect to a server you would use their certificate, so why do I need one to send email to a remote server? Seems backwards to me. 

Labels:
0 Helpful
1 Reply 1

dmccabej
Cisco Employee
Cisco Employee

‎10-18-2022 08:25 PM

Hello,

The Destination Controls certificate would be used for certificate validation (when requested from the server) during the TLS handshake, if and when TLS is used. While this is not common, and you can most likely get away with a self-signed certificate during delivery, it is typically best practice to utilize a 3rd party signed and trusted certificate in case this is required. 

You can read more about the Certificate Request during the handshake within the TLS RFC. 

 

https://www.rfc-editor.org/rfc/rfc5246#page-53

 

Thanks!

-Dennis M.

0 Helpful
Customers Also Viewed These Support Documents