Importing private\/public keys or certificates in PEM, CER formats<\/a>.\n<\/div>\n\r\n\/\/ C# version\r\n\r\nvar eml = client.GetMessageByUID(uid);\r\n\r\nX509Certificate2 certificate = new X509Certificate2(\r\n "certificate.pfx", "", X509KeyStorageFlags.PersistKeySet);\r\n\r\nMailBuilder builder = new MailBuilder();\r\nbuilder.SMIMEConfiguration.Certificates.Add(certificate);\r\n\r\nIMail decrypted = builder.CreateFromEml(eml);\r\n\r\nConsole.WriteLine(decrypted.NeedsDecryption); \/\/ outputs false\r\nConsole.WriteLine(decrypted.IsEncrypted); \/\/ outputs true\r\n\r\n<\/pre>\n\r\n' VB.NET version\r\n\r\nDim eml = client.GetMessageByUID(uid)\r\n\r\nDim certificate As New X509Certificate2("certificate.pfx", "", X509KeyStorageFlags.PersistKeySet)\r\n\r\nDim builder As New MailBuilder()\r\nbuilder.SMIMEConfiguration.Certificates.Add(certificate)\r\n\r\nDim decrypted As IMail = builder.CreateFromEml(eml)\r\n\r\nConsole.WriteLine(decrypted.NeedsDecryption) ' outputs False\r\nConsole.WriteLine(decrypted.IsEncrypted); ' outputs True\r\n\r\n<\/pre>\nIMail.IsEncrypted<\/em> property returns true for both: S\/MIME emails that need to be decrypted, and those that where decrypted.<\/p>\nIf you want to instruct MailBuilder <\/em> not to decrypt emails automatically<\/strong> and decrypt them later, you should set MailBuilder.DecryptAutomatically<\/em> property to false. <\/p>\nTo know if an email needs to decryption use IMail.NeedsDecryption<\/em> property.<\/p>\n\r\n\/\/ C# version\r\n\r\nvar eml = client.GetMessageByUID(uid);\r\n\r\nMailBuilder builder = new MailBuilder();\r\nbuilder.DecryptAutomatically = false;\r\n\r\nIMail encrypted = builder.CreateFromEml(eml);\r\n\r\nConsole.WriteLine(encrypted.NeedsDecryption); \/\/ outputs true\r\nConsole.WriteLine(encrypted.IsEncrypted); \/\/ outputs true\r\n\r\nX509Certificate2 certificate = new X509Certificate2(\r\n "certificate.pfx", "", X509KeyStorageFlags.PersistKeySet);\r\n\r\nIMail decrypted = mail.Decrypt(certificate);\r\n\r\nConsole.WriteLine(decrypted.NeedsDecryption); \/\/ outputs false\r\nConsole.WriteLine(decrypted.IsEncrypted); \/\/ outputs true\r\n\r\n<\/pre>\n\r\n' VB.NET version\r\n\r\nDim eml = client.GetMessageByUID(uid)\r\n\r\nDim builder As New MailBuilder()\r\nbuilder.DecryptAutomatically = False\r\n\r\nDim encrypted As IMail = builder.CreateFromEml(eml)\r\n\r\nConsole.WriteLine(decrypted.NeedsDecryption) ' outputs True\r\nConsole.WriteLine(decrypted.IsEncrypted); ' outputs True\r\n\r\nDim certificate As New X509Certificate2( _\r\n "certificate.pfx", "", X509KeyStorageFlags.PersistKeySet)\r\n\r\nDim decrypted As IMail = mail.Decrypt(certificate)\r\n\r\nConsole.WriteLine(decrypted.NeedsDecryption) ' outputs False\r\nConsole.WriteLine(decrypted.IsEncrypted); ' outputs True\r\n\r\n<\/pre>\nCommon errors you may encounter:<\/p>\n
\n- Please use the PersistKeySet <\/strong> flag when loading from file (new X509Certificate2(_certificatePath, “”, X509KeyStorageFlags.PersistKeySet);) and adding to store\n<\/li>\n
- “Bad key”<\/strong> exception message means that certificate was not for key exchange – makecert needs an extra parameter to create certificate that can be used for symmetric algorithm key exchange: -sky exchange.\n<\/li>\n
- “the enveloped data-message does not contain the specified recipient”<\/strong> means that certificate with the private key is not deployed into the current account\/local machine personal store, or not in the certificates list\n<\/li>\n
- “Cannot find object or property.” <\/strong> means that the certificate was found, but there is no private key in it. Consider importing it by double clicking the pfx file (Remember to import all extended properties<\/strong> and place all certificates in Personal store<\/strong>).\n<\/li>\n<\/ul>\n
You can use following commands in VisualStudio Command Prompt to create test certificate:<\/p>\n
makecert.exe -pe -r -sv Test_Keys.pvk -n \"CN=John Doe,E=email@in-the-certificate.com\" -sky exchange Test.cer<\/code><\/p>\npvk2pfx.exe -pvk Test_Keys.pvk -spc Test.cer -pfx Test.pfx<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"After you have downloaded S\/MIME encrypted email from IMAP or POP3 server you need to parse and decrypt it. MailBuilder class tries to automatically decrypt emails using StoreName.My certificate store. Of course, you can explicitly specify certificates that should be used for decryption. You should use MailBuilder.SMIMEConfiguration property for that. If you use CER or […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[15,33,49,57],"class_list":["post-1785","post","type-post","status-publish","format-standard","hentry","category-mail-dll","tag-c","tag-email-component","tag-smime","tag-vb-net"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/1785"}],"collection":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/comments?post=1785"}],"version-history":[{"count":12,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/1785\/revisions"}],"predecessor-version":[{"id":4970,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/1785\/revisions\/4970"}],"wp:attachment":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/media?parent=1785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/categories?post=1785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/tags?post=1785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}