Certificates and PGP keys

NoSpamProxy Encryption requires the certificates or PGP keys of users who want to send signed emails to external email recipients and receive encrypted email responses for the full deployment of the email signature and encryption actions.

  • The certificate management gives you access to all certificates that are currently stored in NoSpamProxy Encryption. This includes both own and public certificates as well as root and intermediate certificates.
  • The PGP key management gives you access to all cryptographic keys currently stored in NoSpamProxy Encryption.

You can access all available certificates via the certificate management.

The PGP key management gives you access to all available PGP keys.

Supported certificate types

NoSpamProxy supports the following certificates:

  • Certificates that use the Elliptic Curve Digital Signature Algorithm (ECDSA). The use of ECDSA enables encryption according to the S/MIME standard 4.0 in accordance with RFC 5751.
  • Certificates that use the Rivest-Shamir-Adleman (RSA) procedure.

General notes

NOTE: The Gateway Role automatically collects public certificates from emails sent to local addresses.

NOTE: Intermediate and root certificates as well as PGP keys are also collected from emails to local addresses, but no chain of trust can be established for these keys. For this reason, they are first quarantined and must be approved by the administrator.

NOTE: You can import additional certificates from files in CER, DER, P12 and PFX file formats into NoSpamProxy Encryption. The collected certificates are used by or collected by the S/MIME encryption and S/MIME signature actions. See Signing and/or encryption of emails.