McAfee MAP-3300-SWG Product Guide - Page 83
Certificate Management, Import Certificate
UPC - 731944547008
View all McAfee MAP-3300-SWG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 83 highlights
Overview of Email features Email Configuration This information is also available by selecting System | Certificate Management | Certificate | TLS certificates and keys on the navigation bar. Table 60 Option definitions Option Certificate ID Subject Issuer Expires Delete View Export Import Certificate and Key Definition Displays the name of the certificate. Displays details about the certificate. Displays the certificate-issuing authority such as Thawte or Verisign. Displays the certificate's expiry date, such as May 05 2010 12:15:00. When clicked, deletes the selected certificate. When clicked, displays details of the selected certificate, such as its version, issuer, and public key. When clicked, opens another window, where you can choose to export the certificate or a complete certificate chain, and specify the certificate format. The file name extension is typically CRT. When clicked, opens another window where you can select a file. The imported certificate can be in one of these formats: • Binary (or DER-encoded) certificate file • PEM (Base64) encoded certificates • Binary PKCS#12 file • PEM-encoded PKCS#12 file To import a password-protected certificate, type the passphrase to unlock the private key. The appliance stores the decrypted certificate in a secure internal location. The appliance verifies the certificate, making it available to use, after you click to apply your changes: If a yellow exclamation point appears next to the certificate after you click the green checkmark to apply the change, the certificate is not currently trusted. Import the associated CA certificate before you use the new certificate. Import Certificate and Key Use this topic to understand the fields found within the Import Certificate and Key dialog box for Transport Layer Security. Email | Email Configuration | Protocol Configuration | Transport Layer Security (SMTP) | Certificate management When requesting that your TLS certificates be created, McAfee recommends that you include the hostname and the IP address for the appliance that will be decrypting the TLS-encrypted email. If your appliance is part of a cluster, and is configured in Transparent Router or Explicit Proxy mode, ensure that the you include the virtual hostname and virtual IP address for your cluster, rather than one of the physical IP addresses. McAfee Email and Web Security Appliances 5.6.0 Product Guide 83