Console Settings

The Hermes SEG Console Settings sets the method you wish to access Hermes SEG machine which includes the Admin Console, User Console and the Ciphermail Console. By default, the Console Mode is set to IP Address, however, an IP address is not contusive to using SSL certificates. Therefore, if you plan to use a SSL certificate to access the Hermes SEG machine, you must set the Console Mode to Host Name. The Host Name you set it does NOT necessarily have to the the same Host Name you set in Network Settings above. The Host Name and Primary Domain Name you set in the Network settings is used for SMTP transactions such as SMTP TLS and it's not related to Hermes SEG console access.

Set the Console Mode drop-down to Host Name and in the resultant Host Name field that appears, fill in the desired host anem you wish to use (Figure 1):

Figure 1

The Console Certificate field is pre-populated with the system-self-signed certificate. If you wish to use a SSL certificate you set in the Set System Certificates section above, simply delete the system-self-signed entry and start typing the friendly name of the certificate you setup previously that matches the host name. The system will locate the certificate and display it in a drop-down list. Click on the certificate and the system will automatically populate all the rest of the Certificate fields such as the Subject, Issuer, Serial and Type (Figure 2):

Figure 2

Figure 3

After clicking the Submit button and you changed the Console Mode from IP Address to Host Name, your browser will NOT automatically redirect you to the new console address. Ensure you enter the new address in your browser as https://<HOST_NAME>/admin/ where <HOST-NAME> is the new Host Name you set above.

Additionally, we recommend that you generate a DH (Diffie-Hellman) Parameters file by clicking the Generate DH Parameters File button and on the resultant Generate Diffie-Hellman (DH) Parameters File confirmation window, click on Yes (Figure 4):

Figure 4

Generating a DH Parameters file can take a very long time to complete (~40 minutes on 1-CPU systems). You can proceed to configure the rest of your system (DO NOT reboot the system while it's generate a DH Parameters file) and check back under System --> Console Settings to see if a new Diffie-Hellman (DH) key-exchange drop-down appears set it to Enable and click the Submit button below (Figure 5).

Figure 5

If you follow the above recommendations, you should be able to achive an A+ rating on the Qualys SSL Labs SSL Server Test (Figure 6):

Figure 6

Introduction

Getting Started

Upgrade and Migrate Hermes SEG 18.04 to 20.04

Requirements and Recommendations

OVA/Hyper-V Appliance URL and Default Credentials

Hermes SEG E-mail Flow

Encryption

AD Integration

Admin Authentication

Admin Console Firewall

Network Settings

Console Settings

Mail Queue

System Logs

System Backup

System Certificates

System Restore

System Settings

System Status

System Update

System Users

Email Archive

System Reboot & Shutdown

SMTP TLS Settings

Relay Host

Relay Domains

Relay IPs & Networks

Internal Recipients

Virtual Recipients

Perimeter Checks

RBL Configuration

Network Block/Allow

Sender to Recipient Block/Allow List

Global Sender Block/Allow List

SPF Settings

DKIM Settings

Antivirus Settings

Antivirus Signature Feeds

Antivirus Signature Bypass

Antispam Settings

Custom Antispam Filter Tests

Initialize Pyzor

Initialize Vipul's Razor

Clear Bayes Database

Custom File Extensions

Custom File Expressions

Message Rules

File Rules

SVF Policies

Message History

Internal Certificate Authority

PGP Key Servers

Encryption Settings

Internal Recipients Encryption

External Recipients Encryption

Console Settings