With the inherent REDDOXX certificate authority (CA), certificates for your e-mail aliases can be created automatically by the Appliance on demand.
The advantage is that you save the costs for purchasing certificates as well as for administration.

The disadvantage is, that the mail recipient must have imported your root certificate once to recognize the validity of your certificates.
Another disadvantage is, that so created certificates can not be checked with CRL or OCSP.

The following steps are required to generate the REDDOXX CA:

  1. In the admin webinterface select MailSealer -> REDDOXX CA
  2. Click on "Root CA Certificate" -> "Generate"
  3. Provide the common name and optional descriptive information as well as start and ending validity period
  4. Confirm with "save", this creates the REDDOXX Root CA that will further be listed in the Certificate Authorities by the previously provided common name
  5. Switch to the MailSealer settings, enable the MailSealer and "apply settings"
  6. Switch to the next tab "MailSealer" and select "Auto create certificates"
  7. Confirm with "apply settings"
  8. Switch to the policy settings panel and provide incoming and outgoing policies to define for witch email addresses the mailsealer has to be used
  9. To provide the REDDOXX Root CA to other communication partners, export the REDDOXX Root CA either in the REDDOXX CA panel via "export" or from the Certificate Authorities panel

To make it easier for your communication partner to exchange your root certificate, you can provide your root certificate on one of your web servers for download.
It would be best if your web server is equipped with an SSL certificate, so that your communication partner can trust the root certificate he wants to download there.