Exchanging certificates via Stormshield Data Mail

In practice, certificates are seldom exchanged between users. LDAP directories are generally used to share certificates between peers. Manual exchanges are used only when sharing certificates with colleagues outside a company, or for test purposes.

Certificate exchange procedures differ depending on whether you use Stormshield Data Mail. If you do not have Stormshield Data Mail, you will need to use the certificate export/import procedures described in Looking up the trusted address book and managing certificates from the SDS Enterprise agent, and then send your certificate file by any appropriate means of communication.

By signing a message, Stormshield Data Mail facilitates certificate exchanges by automatically attaching signature and encryption certificates (and their entire trust chain) to secure messages.

NOTE

Self-signed certificates are not attached to signed messages.

To exchange certificates by sending a message, follow the procedure below:

  1. In Microsoft Outlook, if peers have shared their certificates by signing a message with SDS Enterprise, in the lower Stormshield Data Security banner, click on Import certificates.

  2. Certificates are then imported and your trusted address book is up to date. The link will no longer appear in the lower banner.

If an error occurs, refer to the security report. For more information, refer to Securing e-mails in the SDS Enterprise Advanced user guide.