Appendix C Communications Express Pre-Installation Considerations

This appendix describes considerations you need to think about before installing Communications Express.

This appendix contains the following sections:

• Communications Express Installation Considerations

• Requirements for Using S/MIME with Communications Express Mail

Communications Express Installation Considerations

Before installing Communications Express, consider the following planning aspects:

• You cannot use the installer to install the Universal Web Client (UWC) or Access Manager on a sparse non-root global Solaris zone. Instead, you need to manually add the packages from the distribution CD using pkgadd.

• Delegated Administrator requires that you install Access Manager and the web container (either Web Server or Application Server) on the same host.

• You can deploy Communications Express and Access Manager in both SSL and non-SSL modes, either on the same or a different web container.

• Due to a JavaScript security dependency, you must install Communications Express and Messenger Express on the same host, or Communications Express and Messaging Express Multiplexor on same host (in a multi-tiered environment).

• You can plan for a distributed deployment in which Directory Server, Messaging Server, Calendar Server, and Access Manager are installed on separate hosts.

• If you are using Calendar Server hosted domains, you enable Communications Express support for hosted domains during the configuration phase.

• You can configure Communications Express for SSL or non-SSL. If you configure SSL, you can choose between having Communications Express clients use SSL only for authentication, or to use SSL for the entire session.

Requirements for Using S/MIME with Communications Express Mail

Communications Express Mail now includes the security advantages of the Secure/Multipurpose Internet Mail Extension (S/MIME). Communications Express Mail users who are set up to use S/MIME can exchange signed or encrypted messages with other Communications Express Mail users, and with users of the Microsoft Outlook mail system or other mail clients that support S/MIME.

General Requirements for S/MIME

The signature and encryption features of S/MIME are available to a Communications Express Mail user only after:

• A private and public key pair are issued with a certificate in standard X.509 format. The certificate assures other mail users that the keys really belong to the person who uses them. Keys and their certificate are issued from within your organization or purchased from a third-party vendor. Regardless of how the keys and certificate are issued, the issuing organization is referred to as a certificate authority (CA).

• The private-public key pair, with its certificate, are properly stored electronically in a local key store or distributed to end users on common access cards (CACs), referred to as smart cards.

• All public keys and certificates are stored to an LDAP directory, accessible by Directory Server. This is referred to as publishing the public keys to make them available to other mail users who are creating S/MIME messages.

• Card reading devices are properly installed on the client machines when private-public key pairs and their certificates are stored on smart cards.

• All the necessary platform software is installed on the client machines where Communications Express Mail is accessed.

• All the necessary Sun Microsystems software is installed and configured for S/MIME.

• The Communications Express Mail user is set up to use the Sun Microsystems mail system. This includes giving the user permission to use the S/MIME features.

Concepts You Should Know Before Deploying S/MIME

Before you deploy your mail system for S/MIME, be sure you are familiar with these concepts:

• Basic administrative procedures of your platform

• Structure and use of an LDAP directory

• Addition or modification of entries in an LDAP directory

• Configuration process for Sun Java System Directory Server

• Concepts and purpose of the following:

  • Secure Socket Layer (SSL) for a secured communications line

  • Digitally signed email messages

  • Encrypted email messages

  • Local key store of a browser

  • Smart cards and the software and hardware to use them

  • Private-public key pairs and their certificates

  • Certificate authorities (CA)

  • Verifying keys and their certificates

  • Certificate revocation list (CRL)

Where to Go for More Communications Express Information

To install and configure Communications Express, see the instructions in the Sun Java System Communications Express 6.3 Administration Guide.

To administer S/MIME, see Chapter Chapter 24, Administering S/MIME for Communications Express Mail, in Sun Java System Messaging Server 6.3 Administration Guide.