Kaspersky Security 9.x for Microsoft Exchange Servers

Working with a message signature decryption key

April 2, 2024

ID 158385

For security purposes, the application signs each message sent to recipients from Backup with a header containing an encrypted hash of the message.

A signature decryption key is generated automatically during installation or upgrade of the application. When necessary, you can also re-generate a key.

Users in the Kse Administrators group can work with the message signature decryption key in Windows PowerShell on the Hub Transport server. To work with a key on an Edge Transport server, it is sufficient to run Windows PowerShell as an administrator.

To export a key:

  1. Run Windows PowerShell (Run as Administrator) and connect the Kse.Powershell library.
  2. Run the command:

    Export-MessageSignKey -FileName <file path> -Server <server name>

    where:

    • <file path> – path to the file to which the key will be exported, including the file name.
    • <server name> – name of the Microsoft Exchange server processing the request.

The key will be saved to the specified file.

When the command is executed on a server deployed in the Hub Transport role, the keys of all Microsoft Exchange servers added to the domain are exported. All keys are written to one file.

When the command is executed on a server deployed in the Edge Transport role, only the key of the specific server is exported.

To import a key:

  1. Run Windows PowerShell (Run as Administrator) and connect the Kse.Powershell library.
  2. Run the command:

    Import-MessageSignKey -FileName <file path> -Server <server name>

    where:

    • <file path> – path to the key file, including the file name.
    • <server name> – name of the Microsoft Exchange server on which the key is being imported.

The key will be imported to the server.
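
The exported file holds key material, so the following added example (not part of the vendor documentation) wraps the export and import commands above with a permission-restricted folder and a SHA-256 check before import. It assumes an elevated session in which the Kse.Powershell library is already connected; the two wrapper function names, the file path and the server names are hypothetical placeholders.

```powershell
# Added example, not vendor code. Assumes an elevated session in which the
# Kse.Powershell library is already connected. Function names, the path and
# the server names are hypothetical placeholders.
$ErrorActionPreference = 'Stop'

function Export-ProtectedSignKey {
    param([string]$FileName, [string]$Server)

    # Drop inherited permissions on the export folder and grant full control to
    # SYSTEM (S-1-5-18) and BUILTIN\Administrators (S-1-5-32-544) before the
    # key is written into it.
    $folder = Split-Path -Parent $FileName
    New-Item -ItemType Directory -Path $folder -Force | Out-Null
    icacls $folder /inheritance:r /grant:r '*S-1-5-18:(OI)(CI)F' '*S-1-5-32-544:(OI)(CI)F' | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "icacls failed on $folder" }

    # Export command as documented on this page.
    Export-MessageSignKey -FileName $FileName -Server $Server | Out-Null

    # Return the hash so it can be delivered separately from the file.
    (Get-FileHash -Path $FileName -Algorithm SHA256).Hash
}

function Import-VerifiedSignKey {
    param([string]$FileName, [string]$ExpectedSha256, [string]$Server)

    # Refuse to import a file that does not match the hash recorded at export.
    $actual = (Get-FileHash -Path $FileName -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedSha256) {
        throw "Key file hash mismatch: expected $ExpectedSha256, got $actual"
    }

    # Import command as documented on this page.
    Import-MessageSignKey -FileName $FileName -Server $Server

    # Delete the transfer copy once the import has succeeded.
    Remove-Item -Path $FileName -Force
}

# On the exporting server (placeholder path and server name):
$hash = Export-ProtectedSignKey -FileName 'C:\KseKeyTransfer\signkey.bin' -Server 'EXCH-SRC'

# On the importing server, after copying the file there; $hash is the value
# recorded at export, delivered separately from the file:
Import-VerifiedSignKey -FileName 'C:\KseKeyTransfer\signkey.bin' -ExpectedSha256 $hash -Server 'EXCH-DST'
```

If the export folder already existed with explicit permission entries for other accounts, review them with icacls, because /inheritance:r removes only inherited entries.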

To re-generate a key:

  1. Run Windows PowerShell (Run as Administrator) and connect the Kse.Powershell library.
  2. Run the command:

    Regenerate-MessageSignKey -Server <server name>

    where <server name> is the name of the Microsoft Exchange server for which the key is being re-generated.

The key will be reissued.
