A self-signed certificate can be used for either HTTPS communication or SMTP/TLS. Some mail servers may not be able to recognize a self-signed certificate that is used for SMTP/TLS. Many mail servers require a certificate authority-signed certificate.
Symantec Messaging Gateway includes preinstalled CA certificates for many common certificate authority vendors. Add a CA certificate if a certificate authority issues you an SMTP/TLS or HTTPS certificate and that certificate authority's CA certificate is not already in the Control Center.
Another reason to add a CA certificate is if your certificate requires an intermediate CA certificate. When you add the CA certificate, you complete the certificate chain to permit authentication of a certificate authority-signed certificate.
Request a certificate authority-signed certificate.
A certificate authority-signed certificate is more likely than a self-signed certificate to be effective for SMTP/TLS communication. It can also be used for HTTPS communication. Some possible CAs to use are listed on the Certificate Authority tab in the Control Center. However, other CAs are also supported.
Import a certificate authority-signed certificate into the Control Center.
When you receive a certificate from a certificate authority (CA), you must import it to make it available in the Control Center. In addition to the certificate, the CA might have sent you an intermediate CA certificate that you also need to install in the Control Center.