5.1 Signing email messages

MyID can sign the content of the email messages it sends. You must make sure that you have set up the following:

• Set up the certificate template on the certificate authority to include the Secure Email attribute in the Application Policies extension.

  Note: If you do not set this attribute on the certificate template, the email messages will be sent, but will be unsigned.

• Configure the MyID application server that is processing the email with a valid signing certificate.

  To configure the application server's signing certificate:

  • Import or create an email signing certificate where the Subject matches the From address of the SMTP configuration.
  • Export the email signing certificate to a .cer file on the application server.

  • Set the following registry value to the full path of the .cer file on the application server:

    HKEY_LOCAL_MACHINE\SOFTWARE\Intercede\Edefice\Server\Mail\SigningCertificate

• Set the Sign outgoing emails option for the SMTP server in the External Systems workflow.

• Set the Signed option for the appropriate email template in the Email Templates workflow.