Configure SecureZIP for Windows for Entrust Entelligence Security Provider 7.x for Windows



Similar documents
Using Entrust certificates with Microsoft Office and Windows

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

Entrust Managed Services PKI Administrator Guide

tips A quick and easy guide to securing your private information

Using etoken for Securing s Using Outlook and Outlook Express

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

How to install and use the File Sharing Outlook Plugin

Entrust Managed Services PKI

Entrust Managed Services PKI Administrator s Quick Start Guide

PRODUCT WHITE PAPER LABEL ARCHIVE. Adding and Configuring Active Directory Users in LABEL ARCHIVE

Adding Digital Signature and Encryption in Outlook

Security Assertion Markup Language (SAML) Site Manager Setup

Windows Live Mail Setup Guide

Entrust Managed Services PKI. Getting an end-user Entrust certificate using Entrust Authority Administration Services. Document issue: 2.

Scan to Quick Setup Guide

Customer Tips. Configuring Color Access on the WorkCentre 7328/7335/7345 using Windows Active Directory. for the user. Overview

SecureZIP User Guide

ONBASE OUTLOOK CLIENT GUIDE for 2010 and 2013

1. Open the Account Settings window by clicking on Account Settings from the Entourage menu.

Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip

Group Management Server User Guide

SQL Server 2008 R2 Express Edition Installation Guide

Video Administration Backup and Restore Procedures

Managed Services PKI 60-day Trial Quick Start Guide

How To Create An Easybelle History Database On A Microsoft Powerbook (Windows)

How to set up Outlook Anywhere on your home system

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

ADFS Integration Guidelines

Installation and Configuration Guide

Clearswift Information Governance

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

Using Entrust certificates with Adobe PDF files and forms

Using LDAP Authentication in a PowerCenter Domain

Quick Scan Features Setup Guide

Migrating MSDE to Microsoft SQL 2008 R2 Express

Guide for Securing With WISeKey CertifyID Personal Digital Certificate (Personal eid)

Integrating LANGuardian with Active Directory

Manual. 3CX Phone System integration with Microsoft Outlook and Salesforce Version 1.0

Enterprise Toolbar User s Guide. Revised March 2015

I. Configuring Digital signature certificate in Microsoft Outlook 2003:

Using TLS Encryption with Microsoft Outlook 2007

Exostar LDAP Proxy / Secure Setup Guide. This document provides information on the following topics:

ing from The E2 Shop System address Server Name Server Port, Encryption Protocol, Encryption Type, SMTP User ID SMTP Password

SECURE USER GUIDE OUTLOOK 2000

Jumble for Microsoft Outlook

Note: With v3.2, the DocuSign Fetch application was renamed DocuSign Retrieve.

Certificate Management for your ICE Server

1. Open Thunderbird. If the Import Wizard window opens, select Don t import anything and click Next and go to step 3.

Personal Secure Certificate

Aventail Connect Client with Smart Tunneling

Using Internet or Windows Explorer to Upload Your Site

SQL EXPRESS INSTALLATION...

IMPORTANT: You must complete this step before you can install and activate SafeSend.

SQL Server Setup for Assistant/Pro applications Compliance Information Systems

Configuring Outlook 2013 For IMAP Connections

QUANTIFY INSTALLATION GUIDE

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

Set Up Setup with Microsoft Outlook 2007 using POP3

CIMHT_006 How to Configure the Database Logger Proficy HMI/SCADA CIMPLICITY

Configuring Microsoft RADIUS Server and Gx000 Authentication. Configuration Notes. Revision 1.0 February 6, 2003

Immotec Systems, Inc. SQL Server 2005 Installation Document

Update Instructions

Creating IBM Cognos Controller Databases using Microsoft SQL Server

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

Configure Outlook 2007 for Brandeis Gmail

CA Nimsoft Service Desk

Use the below instructions to configure your wireless settings to connect to the secure wireless network using Microsoft Windows Vista/7.

3. On the Accounts wizard window, select Add a new account, and then click Next.

Getting started with IMAP for Aggi What is IMAP?

Digitally Sign an InfoPath form and Submit using

Setting up LDAP settings for LiveCycle Workflow Business Activity Monitor

Set up Outlook for your new student e mail with IMAP/POP3 settings

Simple Scan to Setup Guide

Certificates for computers, Web servers, and Web browser users

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Information & Communication Technologies FTP and GroupWise Archives Wilfrid Laurier University

HDAccess Administrators User Manual. Help Desk Authority 9.0

Guide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate on Aladdin etoken (Personal eid)

DIGIPASS CertiID. Getting Started 3.1.0

Client configuration and migration Guide Setting up Thunderbird 3.1

Use Enterprise SSO as the Credential Server for Protected Sites

Connection Broker Managing User Connections to Workstations, Blades, VDI, and More. Quick Start with Microsoft Hyper-V

uh6 efolder BDR Guide for Veeam Page 1 of 36

How to Secure a Groove Manager Web Site

PaperClip. em4 Cloud Client. Setup Guide

Connecting to Delta College Exchange services off-campus

Windows 7 Hula POS Server Installation Guide

Outlook 2010 Setup Guide (POP3)

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

Active Directory Integration for Greentree

WirelessOffice Administrator LDAP/Active Directory Support

Creating client-server setup with multiple clients

Accessing the Media General SSL VPN

IIS, FTP Server and Windows

Configuration Task 3: (Optional) As part of configuration, you can deploy rules. For more information, see "Deploy Inbox Rules" below.

Outlook Operating Instructions. Internal Desktop Access

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

Version 9. Active Directory Integration in Progeny 9

Parallels Plesk Panel

TSM for Windows Installation Instructions: Download the latest TSM Client Using the following link:

Transcription:

Configure SecureZIP for Windows for Entrust Entelligence Security Provider 7.x for Windows SecureZIP for Windows interoperates with leading PKI vendors including Entrust, VeriSign, and RSA to enable the use of digital certificates for encryption and digital signing. This guide describes how SecureZIP interoperates with Entrust digital certificates and Entrust certificate stores. It assumes that you have already configured the Entrust Entelligence Security Provider 7.x for Windows and have generated end user certificates. For more information about installing and configuring the Entrust Entelligence Security Provider 7.x for Windows, please contact Entrust support: Contents http://www.entrust.com/support/index.htm Configure SecureZIP for Windows for Entrust Entelligence Security Provider 7.x for Windows... 1 Notes... 2 Configure SecureZIP for Windows To Access Digital Certificates... 2 Point SecureZIP to Entrust Certificate Stores... 2 Specify Default Certificates in SecureZIP... 4 Turn On Encryption and/or Signing in SecureZIP... 5 Use Entrust Certificates for Encryption and Digital Signing... 6 Encryption Workflow... 6 Decryption and Digital Signature Workflow... 7 PKWARE, the PKWARE Logo, and PKZIP are registered trademarks of PKWARE, Inc. SecureZIP is a trademark of PKWARE, Inc. Trademarks of other companies mentioned appear for identification purposes only and are the property of the respective companies. 6.8/11/05

Notes To access certificates stored in Entrust directories, SecureZIP requires the Directory Integration module, a separately licensed add on to SecureZIP. SecureZIP integrates with LDAP compliant directories, including Entrust, Microsoft Active Directory, Sun iplanet, Novell edirectory, and OpenSSL. SecureZIP co exists with the Entrust Entelligence Desktop Manager on client machines. If you are using both SecureZIP and Entelligence Desktop Manager for different purposes, you may do so without interruption. Configure SecureZIP for Windows To Access Digital Certificates To configure SecureZIP for Windows to use certificates for encryption and decryption and for working with digital signatures, you must take the following actions: Add the Entrust certificate store(s) to the list of stores SecureZIP checks for certificates For each end user, set a SecureZIP option to designate a personal certificate to use by default for certificate based encryption and digital signing Turn on encryption or signing in SecureZIP to have SecureZIP encrypt or sign files The following sections describe how to do each operation. Point SecureZIP to Entrust Certificate Stores For SecureZIP for Windows to access Entrust certificates to encrypt for the certificates owners, you must tell SecureZIP where the certificates are. To do this, open SecureZIP and do the following: 1. In the Tools menu, select Options to open the SecureZIP Options dialog. 2. Select the Security category. 3. Select the Certificate Stores tab to see a list of certificate stores SecureZIP can search. 2

The Certificate Stores list contains an item for every certificate store SecureZIP knows about. A store is labeled either Local or LDAP in the Type column, depending on whether the store is on your local system or on an LDAP compliant directory server such as an Entrust directory. LDAP is a protocol used by Entrust s directory and other directory servers. 4. Choose the Add button to open a new LDAP Properties page. 5. In the LDAP Properties dialog, fill in the fields with the information SecureZIP needs to access the Entrust directory. When done, choose OK to return to the Certificate Stores tab. The fields in the LDAP Properties dialog are described in the following table. The fields marked Optional may be left blank unless they are required to access the server. Only the Name and Base fields are required. 3

Field Name Server Port Base User Password Description A label to identify the server in the Certificate Stores list. For example: Gamma (Optional) The TCP/IP address of the LDAP server or a name that resolves to such an address. For example: 192.172.0.1 (Optional) The TCP/IP port to use. Port 389 is customary and is entered as the default. The name of the entry that SecureZIP should use as the base or root of the LDAP search for certificates, analogous to a root folder or directory in a file system. For example: cn=users,dc=xyz,dc=com The query string format for the LDAP base can vary between LDAP implementations. For example, a server may expect query strings in the Internet domain-style format used by default by Microsoft Active Directory (for example, cn=users,dc=xyz,dc=com), or it may expect them in X.500 naming format (for example, o=xyz,c=us). Check with your LDAP or network administrator for the query string to use. (Optional) The user account with which to log in if the LDAP server requires a login (Optional) The password associated with the user account 6. On the Certificates Stores tab, choose OK or Apply to save the new certificate store for SecureZIP to use. Specify Default Certificates in SecureZIP Users may have one or more personal certificates that they use to encrypt or digitally sign files. If a user has only one certificate, SecureZIP automatically uses that certificate. If a user has more than one, the user can tell SecureZIP which certificate to use by default. Because the certificates are different for each user, the following steps must be done for each user. To specify a default certificate to always include when encrypting (so that the user can decrypt files he or she encrypts): 1. In SecureZIP, in the Tools menu, select Options to open the SecureZIP Options dialog. 2. Select the Security category. 3. Select the Encryption tab. 4

4. In the Method dropdown, select one of the two Recipient list options to enable the list of personal certificates. In the list, a valid certificate displays with a green check mark; an invalid certificate shows a red X. 5. Select a certificate to use by default. If you have only one, it is used automatically. 6. Click OK or Apply To specify a default certificate to use when signing: 1. In SecureZIP, in the Tools menu, select Options to open the SecureZIP Options dialog. 2. Select the Security category. 3. Select the Authentication tab. 4. Select a certificate to use by default from the list of your personal certificates. If you have only one certificate, it is used automatically. A valid certificate displays with a green check mark; an invalid certificate shows a red X. 5. Click OK or Apply Turn On Encryption and/or Signing in SecureZIP To use certificates to encrypt or sign files in SecureZIP, those functions must be turned on. SecureZIP then routinely encrypts and/or signs files until you turn the functions off. By default, encryption is turned on and signing is turned off. To turn on certificate based encryption: 1. On the Encryption tab of Security Options, in the Method dropdown list, select one of the following: o o Strong: Recipient List Strong: Recipient List or Password 2. Check the box Encrypt files. See the SecureZIP help for other, more direct ways to turn on encryption. 5

To turn on signing, choose Sign Files on/off from the Actions menu. Again, there are other, more direct ways. SecureZIP is now set up to do certificate based encryption and apply digital signatures. Use Entrust Certificates for Encryption and Digital Signing End users are now ready to begin using Entrust certificates to secure files with SecureZIP. Each end user has what Entrust refers to as a security store. The security store is where the end user s digital certificate resides. A certificate is comprised of a public and private key pair. The public key is used for encryption, and the private key is used for decryption and digitally signing files. The following information describes how SecureZIP interacts with Entrust from an end user s perspective. Encryption Workflow During encryption end users are not required to be logged in to their Entrust security store. Rather, SecureZIP automatically locates the public key for encryption in the configured Entrust directory (Refer to the section above, Point SecureZIP to Entrust Certificate Stores for configuration details). When encrypting, the SecureZIP user simply needs to select names of persons to encrypt for from the dialog shown below. The dialog displays when users encrypt files for a new or existing archive or for an email attachment sent using SecureZIP s Microsoft Outlook integration. 6

Entrust certificates Decryption and Digital Signature Workflow The end user must be logged in to the Entrust security store when decrypting or digitally signing files so that SecureZIP can access their private key. If the user is not logged in, but SecureZIP requires access to the private key, Entrust displays the login prompt shown below. 7

Once logged in, the end user can digitally sign files and/or decrypt files with SecureZIP. Note: Entrust security stores can be configured to automatically log the user out after a set period of inactivity. A user who is logged out can simply log back in to continue using SecureZIP with certificates. 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information