Sending encrypted email
You can configure outbound mail from the Pega 7 Platform to use the S/MIME protocol to send encrypted email messages to external email addresses. This article assumes that the Pega 7 Platform is already configured to send plain, unencrypted emails.
To configure outbound encrypted email:
- Open your existing JKS keystore file (which you created outside of the Pega 7 Platform) and note the certificate alias from within that file.
- Create a Pega 7 Platform Data-Admin-Keystore rule instance.
- Upload the JKS file to the Pega 7 Platform.
- Set the password, and save the rule.
- Obtain the keystore aliases for any email addresses that are in the keystore file.
New Data-Admin-Keystore instance
- Create the pyEmailCertificateMap decision table rule in the Data-Admin-Security-Keystore class in a local ruleset by clicking Create>Decision>Decision Table. Do not alter the Purpose or the Applies To class. Edit the decision table to include the following information:
- Email Address – Specify the email address of the intended recipient of the encrypted message.
- Keystore Instance – Specify the keystore instance that you want to use for encryption.
- Keystore Alias – Specify the keystore alias for the email address.
- To send the encrypted message, create an activity that calls the standard SendEmailNotification activity. Your application can supply fixed, hardcoded values for the SendEmailNotification activity or pass in property references.
- Select the EncryptMessage check box to enable encryption.
- Call the activity that you created in step 7 during flow processing to send the email by using the parameters that you provided.