Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Receiving encrypted email

Updated on April 6, 2022

Configure your application to receive encrypted email messages from external sources. With this configuration, you ensure that your application accepts secure and authentic email messages.

Before you begin:
  1. Make sure that Pega Platform is already configured to receive plain, unencrypted emails. For more information, see Configuring outbound email in App Studio.
  2. Open your existing JKS keystore file and take note of the private key alias in that file. You need the private key alias to create the keystore in Pega Platform.
  3. Obtain the keystore aliases for any email addresses that are in the keystore file. You need to specify the keystore aliases in the pyEmailCertificateMap decision table in Pega Platform.
  4. Create a keystore and upload the JKS file to Pega Platform.

    For more information, see Creating a keystore for application data encryption and Configuring a keystore by uploading a file.

Email listeners in Pega Platform support the standard S/MIME protocol. When an email message arrives in your inbox, the email listener finds encrypted emails by identifying the following supported content types:

  • application/pkcs7-mime; smime-type=enveloped-data;
  • application/x-pkcs7-mime; smime-type=enveloped-data;

After the email listener identifies the encrypted email messages, it looks for corresponding entries of the encrypted email ID in the pyEmailCertificateMap decision table, to decrypt the email message.

  1. In the header of Dev Studio, search for and select the pyEmailCertificateMap decision table rule.
  2. On the pyEmailCertificateMap decision table rule form, click Save as and save the decision table in the Data-Admin-Security-Keystore class in a local ruleset.
    Note: Do not alter the Purpose or the Applies To class.
  3. Click Create and open.
  4. On the Table tab, in the decision table, enter the following information:
    1. In the Email address column, specify the email address that you are using to receive encrypted messages.
    2. In the Keystore instance column, specify the keystore instance that you want to use for encryption.
    3. In the Keystore alias column, specify the keystore alias for the email address.

    For more information, see Creating decision tables.

    pyEmailCertificateMap decision table
    Entering information in the pyEmailCertificateMap decision table
  5. Click Save.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us