profile tls
Use this command to configure TLS profiles that can be used by receive rules (also called access control rules) and delivery rules.
Syntax
config profile tls
edit <profile_name>
set level {encrypt | none | secure | preferred}
end
Variable |
Description |
Default |
Enter the name of the TLS profile. |
|
|
Enter the security level of the TLS connection. encrypt: Requires a basic TLS connection. Failure to negotiate a TLS connection results in the connection being rejected according to the none: Disables TLS. Requests for a TLS connection will be ignored. preferred: Allow a simple TLS connection, but do not require it. Data is not encrypted, nor is the identity of the server validated with a certificate. secure: Requires a certificate-authenticated TLS connection. CA certificates must be installed on the FortiMail unit before they can be used for secure TLS connections. For information on installing CA certificates, see the FortiMail Administration Guide. |
none |
|
Select the action the FortiMail unit takes when a TLS connection cannot be established. This option does not apply for profiles whose |
tempfail |