ClientServerCertificates Class
Provides methods and properties for accessing client and server certificates which are used in order to establish secure SSL connection with a mail server.
Inheritance Hierarchy
SystemObject
  MailBee.SecurityClientServerCertificates

Namespace: MailBee.Security
Assembly: MailBee.NET (in MailBee.NET.dll) Version: 11.2.0 build 590 for .NET 4.5
Syntax
public class ClientServerCertificates : IDisposable

The ClientServerCertificates type exposes the following members.

Constructors
  NameDescription
Public methodClientServerCertificates
Initializes a new instance of the ClientServerCertificates class
Top
Methods
  NameDescription
Public methodDispose
Releases the resources associated with the current ClientServerCertificates object.
Public methodEquals
Determines whether the specified object is equal to the current object.
(Inherited from Object.)
Protected methodFinalize
Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.
(Inherited from Object.)
Public methodGetHashCode
Serves as the default hash function.
(Inherited from Object.)
Public methodGetType
Gets the Type of the current instance.
(Inherited from Object.)
Protected methodMemberwiseClone
Creates a shallow copy of the current Object.
(Inherited from Object.)
Public methodToString
Returns a string that represents the current object.
(Inherited from Object.)
Top
Properties
  NameDescription
Public propertyCode exampleAutoValidation
Gets or sets the flags against which the server certificate should be automatically validated.
Public propertyCheckCertificateRevocation
Gets or sets whether the certificate revocation list is checked during authentication.
Public propertyCode exampleClient
Gets or sets the client certificate.
Public propertyCode exampleServer
Gets the server certificate.
Top
Remarks

You can use this class to assign the client certificate to be presented to the mail server during SSL handshakes, or to access the server certificate which becomes available to the client once SSL handshake is done, or both. Also, you can tell MailBee to automatically validate the server certificate against any of the available criteria and throw exception if the server certificate does not pass the test.

ClientServerCertificates instance is available through SmtpServer.SslCertificates, Pop3.SslCertificates and Imap.SslCertificates properties.

Note Note
To use this class, make sure MailBee.NET Security is licensed (MailBee.NET Objects full bundle does include the license).
Examples
This sample attempts to select a client certificate to be presented to the mail server, connects to the server (dedicated SSL connection, not STARTTLS), and automatically validates the server certificate. If the server certificate is invalid, the sample reports what exactly is wrong with the server certificate.
using System;
using MailBee;
using MailBee.Pop3Mail;
using MailBee.Security;

class Sample
{
    static void Main(string[] args)
    {
        Pop3 pop = new Pop3();

        // Start SSL handshake on "connecting to server" stage (dedicated port connection).
        // If you wish to use STARTTLS (regular port connection), select UseStartTls value
        // (port would be 110 and SSL handshake would occur later on StartTls or Login call).
        pop.SslMode = SslStartupMode.OnConnect;

        // Open Personal store of certificates, attempt to find the certificate containing
        // "john" in the email address or name, and present this certificate to the server.
        CertificateStore store = new CertificateStore(CertificateStore.Personal,
            CertStoreType.System, null);
        CertificateCollection certs = store.FindCertificates("john",
            CertificateFields.EmailAddress | CertificateFields.Name);
        store.Dispose();
        if (certs.Count > 0)
        {
            pop.SslCertificates.Client = certs[0];
            Console.WriteLine("Client certificate set.");
        }
        else
        {
            // Most servers do not require clients to authenticate themselves via SSL
            // certificates so that anonymous SSL connection usually works too unless
            // your server is an exception.
            Console.WriteLine("Client certificate not set, the connection will be anonymous.");
        }

        // Tell MailBee to automatically validate the server certificate and
        // throw exception if any of the available conditions is not met.
        pop.SslCertificates.AutoValidation = CertificateValidationFlags.All;
        try
        {
            pop.Connect("mail.domain.com", 995);    // 995 is dedicated S/POP3 port.
            pop.Disconnect();
        }
        catch (MailBeeCertificateValidationException e)
        {
            // Server certificate is not valid.
            Console.WriteLine(e.Message);

            // Build a string which lists the names of all the flags
            // the certificate validation process has failed for.
            string reasons = string.Empty;
            CertificateValidationFlags flags = e.Status;
            int mask = 1;
            while (flags > 0)
            {
                CertificateValidationFlags flag = flags & (CertificateValidationFlags)mask;
                if (flag != CertificateValidationFlags.None)
                {
                    if (reasons.Length > 0)
                    {
                        reasons += ", ";
                    }
                    reasons += flag.ToString();
                    flags &= (CertificateValidationFlags)~mask;
                }
                mask <<= 1;
            }

            Console.WriteLine("Reasons: " + reasons);
        }
    }
}
See Also