Procedure

1. Go to Administration → Mail Settings → Connections.
2. Go to the bottom of the page to the section titled Transport Layer Security.
3. Select Enable Incoming TLS.
   This option allows the TippingPoint Advanced Threat Protection for Email SMTP Server to provide Transport Layer Security (TLS) support to SMTP email relays, but does not require that email relays use TLS encryption to establish the connection.
4. Select Only accept SMTP connections through TLS for TippingPoint Advanced Threat Protection for Email to only accept secure incoming connections.
   This option enables the TippingPoint Advanced Threat Protection for Email SMTP server to accept messages only through a TLS connection.
5. Click a Browse button next to one of the following:

   Option	Description
   CA certificate	The CA certificate verifies an SMTP email relay. However, TippingPoint Advanced Threat Protection for Email does not verify the email relay and only uses the CA certificate for enabling the TLS connection.
   Private key	The SMTP email relay creates the private key by encrypting a random number using the TippingPoint Advanced Threat Protection for Email SMTP server's public key and an encryption key to generate the session keys. The TippingPoint Advanced Threat Protection for Email SMTP server then uses the private key to decrypt the random number in order to establish the secure connection. This key must be uploaded to enable a TLS connection.
   SMTP server certification	SMTP email relays can generate session keys with the TippingPoint Advanced Threat Protection for Email SMTP server public key. Upload the key to enable a TLS connection.

6. Click Save.