Signing email requires the sender's private key. Before sending signed email
in an ASP/ASP.NET environment, use the CertMover.exe utility included with the installation
to move the signer certificate from the HKEY_CURRENT_USER section of the registry
to the HKEY_LOCAL_MACHINE section.
To generate a digital signature, the CryptoMessage object must be assigned an instance
of the CryptoCert object representing the signer certificate using the SetSignerCert method.
This certificate must have an associated private key. The CryptoMessage object is then passed to
AspEmail's SendSigned method.
The following code sample sends a signed email message
using a certificate located in the MY store of the HKLM section of the registry:
VBScript:

```vbscript
Set CM = Server.CreateObject("Persits.CryptoManager")
' Create instance of AspEmail
Set Mail = Server.CreateObject("Persits.MailSender")

Set Context = CM.OpenContext("", True)
' Log on as the specified account
CM.LogonUser "domain", "account", "password"

' Open the MY store in the HKLM section and look up the signer certificate by serial number
Set Store = CM.OpenStore("MY", True)
Set SenderCert = _
    Store.Certificates("d5 b9 c8 38 8f fb 41 b0 43 d6 47 2b b9 58 44 5e")

' The signer certificate must have an associated private key
Set Msg = Context.CreateMessage(True)
Msg.SetSignerCert SenderCert

' Replace with your own SMTP server's address
Mail.Host = "smtp.mycompany.com"
Mail.Subject = "Signed message"
Mail.From = SenderCert.Subject("e")
Mail.FromName = "Very Hot Cakes, Inc."
Mail.AddAddress "name@company.com"
Mail.Body = "Here is your receipt."
Mail.SendSigned Msg ' Use CryptoMessage object
```
C#:

```csharp
// Missing.Value requires the System.Reflection namespace
ICryptoManager objCM = new CryptoManager();
// Create instance of AspEmail
IMailSender objMail = new MailSender();

ICryptoContext objContext = objCM.OpenContext( "", true, Missing.Value );
// Log on as the specified account
objCM.LogonUser( "domain", "account", "password", Missing.Value );

// Open the MY store in the HKLM section and look up the signer certificate by serial number
ICryptoStore objStore = objCM.OpenStore( "MY", true );
ICryptoCert objSenderCert =
    objStore.Certificates["d5 b9 c8 38 8f fb 41 b0 43 d6 47 2b b9 58 44 5e"];

// The signer certificate must have an associated private key
ICryptoMessage objMsg = objContext.CreateMessage( true );
objMsg.SetSignerCert( objSenderCert );

// Replace with your own SMTP server's address
objMail.Host = "smtp.mycompany.com";
objMail.Subject = "Signed message";
objMail.From = objSenderCert.Subject["e"];
objMail.FromName = "Very Hot Cakes, Inc.";
objMail.AddAddress( "name@company.com", Missing.Value );
objMail.Body = "Here is your receipt.";
// Use CryptoMessage object
objMail.SendSigned( objMsg );
```
Before running this code sample, you need to modify it to use your own certificate's serial number,
and pass your own email address to the AddAddress method.
Click the links below to run this code sample:
http://localhost/aspencrypt/manual_05/05_signed.asp
http://localhost/aspencrypt/manual_05/05_signed.aspx
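A pre-flight check for the requirements stated above (certificate in the MY store of HKLM, found by serial number, with an associated private key), written with the standard .NET `X509Store` classes. This is an added example, not part of the AspEncrypt manual or API; the class name `SignerCertCheck` is hypothetical, and it assumes the serial number string is the one shown in the Windows certificate dialog.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;

static class SignerCertCheck   // hypothetical helper, not an AspEncrypt type
{
    // Returns null when the certificate is usable for signing, otherwise the reason it is not.
    public static string Check(string spacedSerial, DateTime now)
    {
        // "d5 b9 c8 ..." -> "D5B9C8...", the form FindBySerialNumber expects (no spaces).
        string serial = spacedSerial.Replace(" ", "").ToUpperInvariant();

        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
        try
        {
            // validOnly: false, so an expired or untrusted certificate is reported, not hidden.
            X509Certificate2Collection found =
                store.Certificates.Find(X509FindType.FindBySerialNumber, serial, false);
            if (found.Count == 0)
                return "no certificate with this serial number in the HKLM MY store";
            if (found.Count > 1)
                return "serial number matches more than one certificate in the HKLM MY store";

            X509Certificate2 cert = found[0];
            if (!cert.HasPrivateKey)
                return "certificate has no associated private key";
            if (now < cert.NotBefore || now > cert.NotAfter)
                return "certificate is outside its validity period";
            return null;
        }
        finally
        {
            store.Close();
        }
    }

    static void Main()
    {
        // Sample serial number from the code above; replace with your own certificate's.
        string problem = Check("d5 b9 c8 38 8f fb 41 b0 43 d6 47 2b b9 58 44 5e", DateTime.Now);
        Console.WriteLine(problem ?? "signer certificate is ready");
    }
}
```

`HasPrivateKey` only reports that a key is associated with the certificate; whether the account the page logs on with can actually use that key is still decided when signing is attempted.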
You can also supply your signer certificate in a PFX (PKCS#12) file. A .pfx file can be obtained
by exporting a certificate from your personal certificate store along with its private key
as described in the previous chapter.
Once the .pfx file is created, you can place it on the server where AspEncrypt can access it
via the CryptoContext method OpenStoreFromPFX.
The following code fragment retrieves the signer certificate.
Note that there is no need to move the certificate to the HKEY_LOCAL_MACHINE section of the registry,
but you still need to use the LogonUser method. Also,
under IIS 5.0 you must make sure the virtual directory's Application Protection option is set to Low.
VBScript:

```vbscript
' ...
CM.LogonUser "domain", "account", "password"
Set Store = CM.OpenStoreFromPFX("c:\path\cert.pfx", "password")
Set SignerCert = Store.Certificates(1)
' ...
```
C#:

```csharp
// ...
objCM.LogonUser( "domain", "account", "password");
ICryptoStore objStore = objCM.OpenStoreFromPFX( @"c:\path\cert.pfx", "password" );
ICryptoCert objSignerCert = objStore.Certificates[1];
// ...
```