ZCS Administrator's Guide 8.0.4
ZCS Administrator's Guide 8.0.4
Network Edition


Managing Configuration > Setting Up S/MIME

Setting Up S/MIME
S/MIME is a standard to send secure email messages. S/MIME messages use digital signature to authenticate and encrypt messages.
Prerequisites
*
*
*
S/MIME License
You must have a ZCS license that is enabled for S/MIME.
Enable S/MIME Feature
The S/MIME feature can be enabled from either the COS or Account Features Tab.
1.
2.
3.
Click Save.
Importing S/MIME Certificates
Users can send encrypted messages to recipients if they have the recipients’ public-key certificate stored in one of the following:
*
*
*
The certificates should be published into the LDAP directory so that they can be retrieved from the GAL. The format of the S/MIME certificates must be X.509 Base64 encoded DER.
Configure External LDAP Lookup for Certificates
If you use an external LDAP to store certificates, you can configure the Zimbra server to lookup and retrieve certificates from the external LDAP, on behalf of the client. You can configure the external LDAP server settings from either the Global Settings>S/MIME tab or the Domains>S/MIME tab.
Note:
1.
2.
In the Configuration Name field, enter a name to identify the external LDAP server. Example, companyLDAP_1
3.
In the LDAP URL field, enter the LDAP server’s URL.
Example, ldap://host.domain:3268
4.
To use DN to bind to the external server, in the S/MIME LDAP Bind DN field, enter the bind DN. Example, administrator@domain
If you want to use anonymous bind, leave the Bind ND and Bind password fields empty.
5.
In the S/MIME Ldap Search Base field, enter the specific branch of the LDAP server that should be searched to find the certificates.
Example, ou=Common Users, DC=host, DC=domain
Or, check Automatically discover search base to automatically discover the search base DNs. For this to work, the S/MIME Search Base field must be empty.
6.
In the S/MIME Ldap filter field, enter the filter template for the search. The filter template can contain the following conversion variables for expansion:
7.
In the S/MIME Ldap Attribute field, enter attributes in the external LDAP server that contain users’ S/MIME certificates. Multiple attributes can be separated by a comma (,).
Example, “userSMIMECertificate, UserCertificate”
8.
Click Save.
To set up another external LDAP server, click Add Configuration.
Copyright © 2013 VMware Inc.