Create Encryption Certificate Lookup Server
When you set up an encrypted email notification, the recipient's key is retrieved with an LDAP query. You therefore need to set up the LDAP server so that the system knows how to query for a specific user's key.
This process is similar to creating an LDAP server for authentication, but the server is used specifically for email encryption.
To create an encryption certificate lookup server, complete the following steps.
- On the toolbar, click System > Email Encryption.
- Under the Encryption Certificate Lookup Servers section, click Create.
- Complete the General Properties section.
  - In the Name field, enter a unique name for the server.
  - Select the Enabled check box.
  - In the Host field, enter the IP address or DNS name of the remote server.
  - In the Port field, enter the port on which the remote server is listening.
  - Select an Encryption type.
  - Set the number of Server Retries that will be made to contact the remote server.
  - Set the Server Timeout to wait for a response from the remote server.
- Complete the LDAP section.
  - Complete the fields in General Schema Settings.
  - Complete the fields in User Scheme Settings.
- Enable the Hard Fail Revocation option. When enabled, the certificate validation check fails if the certificate revocation list distribution point (CDP) cannot be reached. When disabled, failure to reach the CDP is ignored and the certificate is assumed not to be revoked.
- Click Test.
  - Enter an optional email address.
  - Click Begin Test.
  - Review results.
  - Click Close.
- Click Save.
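
The effect of the Hard Fail Revocation option described above can be seen in a small model of the decision. This is an added example, not the product's code: the function names, the `Verdict` values, the CDP URLs and the serial numbers are all constructed for illustration, and CRL fetching is replaced by an in-memory stub.

```python
from enum import Enum
from typing import Callable, Dict, Iterable, Set


class Verdict(Enum):
    GOOD = "good"                          # CRL fetched, serial not listed
    REVOKED = "revoked"                    # CRL fetched, serial listed
    UNKNOWN_REJECTED = "unknown-rejected"  # no CDP reachable, hard fail on
    UNKNOWN_ACCEPTED = "unknown-accepted"  # no CDP reachable, hard fail off


def check_revocation(serial: int, cdp_urls: Iterable[str],
                     fetch_crl: Callable[[str], Set[int]],
                     hard_fail: bool) -> Verdict:
    """Return the revocation verdict for one certificate serial number.

    fetch_crl(url) returns the revoked serials published at that CDP, or
    raises OSError (ConnectionError, TimeoutError) when it is unreachable.
    """
    for url in cdp_urls:
        try:
            revoked = fetch_crl(url)
        except OSError:
            continue  # this CDP is down, try the next one listed
        return Verdict.REVOKED if serial in revoked else Verdict.GOOD
    # Every CDP failed: the status is unknown and the option decides.
    return Verdict.UNKNOWN_REJECTED if hard_fail else Verdict.UNKNOWN_ACCEPTED


def usable_for_encryption(verdict: Verdict) -> bool:
    """A certificate is used unless validation failed or it is revoked."""
    return verdict in (Verdict.GOOD, Verdict.UNKNOWN_ACCEPTED)


def make_fetcher(crls: Dict[str, Set[int]], down: Set[str]):
    """Stub CDP client (constructed): URLs in `down` are unreachable."""
    def fetch(url: str) -> Set[int]:
        if url in down:
            raise ConnectionError(f"cannot reach {url}")
        return crls[url]
    return fetch


# Constructed sample data: two CDPs publishing the same CRL.
PRIMARY = "http://cdp1.example.test/ca.crl"
BACKUP = "http://cdp2.example.test/ca.crl"
CRLS = {PRIMARY: {0x1A2B}, BACKUP: {0x1A2B}}
REVOKED_SERIAL, VALID_SERIAL = 0x1A2B, 0x9F00
```

With both CDPs unreachable and hard fail disabled, the revoked serial comes back as `UNKNOWN_ACCEPTED` and mail would still be encrypted to it; with hard fail enabled the same lookup is rejected.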