In order to use PKI for Secure Mail, an Account should have its own Private Key and a Certificate with its Public Key. The Private Key should be protected as much as possible, while the Certificate should be easily accessible by anyone.
CommuniGate Pro stores the Certificate in the Account Settings (as the "userCertificate" element), and also it copies the Certificate into the Directory - if the Directory Integration is enabled.
CommuniGate Pro stores the Private Key in the Account Settings, but it encrypts the Private Key with a "Secure Mail Password". To use any of the Secure Mail functions, you should enter the "Secure Mail Password" to let the server read and decrypt your Private Key.
Note: The server does not store your Secure Mail Password anywhere. If you forget the password, you will need to obtain a new Private Key and Certificate. This means that your will not be able to decrypt any message encrypted with your old Public Key. Neither your System Administrator nor CommuniGate Systems will be able to help you get those messages back.
Note: While it is very important to remember your Secure Mail Password, it is not too difficult to do: the Secure Mail Password can be a word or a phrase (up to 100 symbols), in any language.
You can use your regular E-mail client (such as Microsoft® Outlook or Netscape® Messenger) to obtain a personal Private Key and Certificate (also called "Digital ID"). You can then export that "Digital ID" to a .pfx or .p12 file - a so-called PKCS#12-formatted file. In order to protect your data, the E-mail client will ask you for a password, and will encrypt the exported information with that password. Note: while the file format supports non-ASCII symbols in a file password, you should use ASCII symbols only, as many E-mail clients (including Outlook) do not process national symbols correctly.
Connect to the Server using the WebUser Interface, and open the Settings section. Click the Secure Mail link to open the page that contains the following fields:
Note: If you do not see the Secure Mail link on your Settings pages, it means that your Account or Domain has the S/MIME service disabled.
Enter the name of the saved .pfx or .p12 file or use the Browse button to select the file on your workstation disks. Enter the File Password you used when you created that file.
Enter the password that will become your Secure Mail Password - this password will protect your Private Key on the CommuniGate Pro server. Enter this password twice, into two fields, and click the Import File Data button. If you have entered the correct File Password, the Certificate and Private Key information will be stored in your CommuniGate Pro Account settings.
Alternatively, you can ask the CommuniGate Pro server to generate a Private Key and a Certificate for you. Use the Generate Key And Certificate button: