Send signed email receive encrypted
In this article we'll show how to create a test certificate, or use an existing certificate, for sending signed emails. Our recipients will use the public key information from the signed email to encrypt the emails they send to us. Finally, we'll show how to decrypt those emails.
Create test certificate
We'll use the makecert.exe tool to create a certificate in CER format and the pvk2pfx.exe tool to convert it to PFX format:
makecert.exe -pe -r -sv Test_Keys.pvk -n "CN=Alice,E=alice2@testdomain.com" -sky exchange Test.cer
pvk2pfx.exe -pvk Test_Keys.pvk -spc Test.cer -pfx Test.pfx
Importing private/public keys or certificates in PEM, CER formats.
Create S/MIME signed email
Now we'll create a signed message using Mail.dll. It is a simple task: we just need to load the certificate from disk and use the SignWith method:
// Load the PFX (certificate plus private key); the test PFX has an empty password.
X509Certificate2 certificate = new X509Certificate2(
    @"c:\Test.pfx", "", X509KeyStorageFlags.PersistKeySet);

// Build the message and sign it with the certificate's private key.
IMail email = Limilabs.Mail.Fluent.Mail.Text("This is a signed message")
    .Subject("This is a signed message")
    .From("alice2@testdomain.com")
    .To("test@testdomain.com")
    .SignWith(certificate)
    .Create();
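Before calling SignWith, it helps to confirm that the loaded certificate can sign as the From address and decrypt the encrypted replies. The check below is an added example, not code from the original article or from Mail.dll; it uses only .NET's X509Certificate2 API, the class and method names are hypothetical, and it assumes an RSA key such as the one makecert creates above.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper (not part of Mail.dll): pre-flight check of an S/MIME certificate.
public static class SmimeCertificateCheck
{
    // Returns a list of problems; an empty list means the certificate can be used
    // to sign as 'sender' and to decrypt replies encrypted to it.
    public static List<string> Check(X509Certificate2 cert, string sender, DateTime nowUtc)
    {
        var problems = new List<string>();

        // Signing and decrypting both need the private key, not just the .cer file.
        if (!cert.HasPrivateKey)
            problems.Add("no private key (was the .cer loaded instead of the .pfx?)");

        // NotBefore/NotAfter are returned in local time; compare in UTC.
        if (nowUtc < cert.NotBefore.ToUniversalTime() || nowUtc > cert.NotAfter.ToUniversalTime())
            problems.Add("certificate is outside its validity period");

        // Mail clients compare the certificate's e-mail name with the From address.
        string email = cert.GetNameInfo(X509NameType.EmailName, false);
        if (!string.Equals(email, sender, StringComparison.OrdinalIgnoreCase))
            problems.Add($"certificate e-mail '{email}' does not match sender '{sender}'");

        // A key usage extension, when present, must allow signing and (for RSA)
        // key encipherment. When it is absent, usage is unrestricted.
        var ku = cert.Extensions.OfType<X509KeyUsageExtension>().FirstOrDefault();
        if (ku != null)
        {
            if ((ku.KeyUsages & X509KeyUsageFlags.DigitalSignature) == 0)
                problems.Add("key usage lacks DigitalSignature (cannot sign)");
            if ((ku.KeyUsages & X509KeyUsageFlags.KeyEncipherment) == 0)
                problems.Add("key usage lacks KeyEncipherment (cannot decrypt replies)");
        }
        return problems;
    }

    public static void Main()
    {
        // Path, password and sender address are the ones used in this article.
        var cert = new X509Certificate2(@"c:\Test.pfx", "", X509KeyStorageFlags.PersistKeySet);
        foreach (string p in Check(cert, "alice2@testdomain.com", DateTime.UtcNow))
            Console.WriteLine("Problem: " + p);
    }
}
```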
Send S/MIME signed email
Now we'll use the Smtp class to connect and authenticate to our SMTP server and send the email message:
using (Smtp smtp = new Smtp())
{
    smtp.Connect("smtp.server.com"); // or ConnectSSL for SSL
    smtp.UseBestLogin("user", "password");
    smtp.SendMessage(email);
    smtp.Close();
}
Here you can find more details on sending S/MIME signed email.
S/MIME signed email is received
Here’s how the recipient will see the message. Please note that we are using self-signed certificates and this is why we are seeing this warning message.
The next step for the recipient is to mark the received certificate as trusted.
The recipient should then add the certificate to the contact list:
As you can see there is a DigitalID assigned to Alice (email sender):
S/MIME encrypted email reply
Finally, the recipient replies to the message, marking the new message to be encrypted.
Receiving S/MIME encrypted email reply
We'll use the IMAP component to download this message. You can use either the IMAP or the POP3 component to download it.
In fact we can see that it is encrypted (we are showing raw eml variable here):
Now we can decrypt the message using the same certificate we used for signing. Note that we are adding this certificate to the SMIMEConfiguration.Certificates collection:
// Load the same PFX that was used for signing; its private key decrypts the reply.
X509Certificate2 certificate = new X509Certificate2(
    @"c:\Test.pfx", "", X509KeyStorageFlags.PersistKeySet);

using (Imap imap = new Imap())
{
    imap.Connect("imap.testdomain.com");
    imap.UseBestLogin("alice2@testdomain.com", "password");

    var eml = imap.GetMessageByNumber(1);

    // Register the certificate so the builder can decrypt the message while parsing it.
    MailBuilder builder = new MailBuilder();
    builder.SMIMEConfiguration.Certificates.Add(certificate);

    IMail email = builder.CreateFromEml(eml);

    Console.WriteLine(email.IsEncrypted);
    Console.WriteLine(email.Html);
    Console.WriteLine(email.Text);

    imap.Close();
}
You can also find more information about SMIME and Mail.dll here: