Smime.Sign Method (MailMessage, Certificate, CertificateCollection)

SmimeSign Method (MailMessage, Certificate, CertificateCollection)

Signs an e-mail message with a digital signature, with the ability to provide a user-defined chain of signing certificates.

Namespace: MailBee.Security
Assembly: MailBee.NET (in MailBee.NET.dll) Version: 12.5.0 build 687 for .NET 4.5

Syntax

Copy

public MailMessage Sign(
	MailMessage message,
	Certificate signingCert,
	CertificateCollection extraCerts
)

Public Function Sign ( 
	message As MailMessage,
	signingCert As Certificate,
	extraCerts As CertificateCollection
) As MailMessage

Parameters

message: Type: MailBee.MimeMailMessage
The original e-mail message to be signed.
signingCert: Type: MailBee.SecurityCertificate
The certificate to be used for signing the message. This certificate must contain a private key.
extraCerts: Type: MailBee.SecurityCertificateCollection
The additional certificates in the chain of the signing certificate. If a null reference (Nothing in Visual Basic), MailBee will build the certificate chain from the signing certificate to the root authority automatically.

Return Value

Type: MailMessage
A reference to the signed message if the signing went successfully; a reference to the original message if it was already signed; a null reference (Nothing in Visual Basic) if the signing process failed.

Exceptions

Exception	Condition
MailBeeInvalidArgumentException	message or signingCert is a null reference (Nothing in Visual Basic).
MailBeeSmimeWin32Exception	A cryptographic error occurred and ThrowExceptions is true (.NET Core 1.0/1.1 edition).
MailBeeCertificateException	A cryptographic error occurred and ThrowExceptions is true.

Remarks

This is a special overload which makes it possible to sign e-mail messages with certificate whose root authority certificate is not present in the system store. In this case, extraCerts collection must contain all certificates signingCert derives from (such as root authority and CA certificates).

Examples

The following code snippet demonstrates how to supply a custom certificate chain from a PFX file when signing a message. It's assumed the PFX contains 3 certificates - root authority, intermediate CA, and the signing certificate itself (root certificate being the first in the collection). For a sample on S/MIME signing in general, see Sign(MailMessage, Certificate) topic.

Copy

X509Certificate2Collection certsFromPfx = new X509Certificate2Collection();
certsFromPfx.Import(@"C:\Temp\cert.pfx", "password", X509KeyStorageFlags.PersistKeySet);
CertificateCollection extraCertsForSigning = new CertificateCollection();
extraCertsForSigning.Add(new Certificate(certsFromPfx[1]));
extraCertsForSigning.Add(new Certificate(certsFromPfx[0]));
MailMessage signedMessage = smime.Sign(msg, new Certificate(certsFromPfx[2]), extraCertsForSigning);

Dim certsFromPfx As X509Certificate2Collection = New X509Certificate2Collection()
certsFromPfx.Import("C:\Temp\cert.pfx", "password", X509KeyStorageFlags.PersistKeySet)
Dim extraCertsForSigning As CertificateCollection = New CertificateCollection()
extraCertsForSigning.Add(New Certificate(certsFromPfx(1)))
extraCertsForSigning.Add(New Certificate(certsFromPfx(0)))
Dim signedMessage As MailMessage = smime.Sign(msg, New Certificate(certsFromPfx(2)), extraCertsForSigning)

Reference

Smime Class

Sign Overload

MailBee.Security Namespace

SmimeSignAndEncrypt(MailMessage, Certificate, CertificateCollection, CertificateCollection)