Glossary Item Box

PowerTCP Mail for .NET

Handling Client Authentication

A Mail server may request a certificate from the client, forcing the client to prove it's identity to the server. This process is called client authentication. If the server does request a certificate from the mail client, the CertificateRequested event will be raised, notifying the user.

These examples demonstrate the Smtp component. The Pop and Imap components work similarly.

Handling Client Authentication Interactively

When writing an interactive application in which a server requests client authentication it is often useful to notify the user of the client application and allow them to select the certificate they would like to use for client authentication. The CertificateListForm object is ideal for displaying available certificates to the user. See the topic Using The CertificateListForm Object for more information on using this object. If the scenario is such that you cannot provide a dialog box to the user (for example, if you are writing some sort of automated scripting application) you have to use a different technique. This is addressed later in this topic.

As stated in Using The CertificateListForm Object, be sure to add a reference to Dart.PowerTCP.Mail.Forms in order to have access to the CertificateListForm.

[C#]
private void SecureTest()
{
   // Use explicit SSL
   smtp1.Security = Dart.PowerTCP.Mail.Security.Explicit;

   // Send a message, it will initiate an SSL connection
   smtp1.Server = "MyMailServer";
   smtp1.Send("you@dart.com", "me@dart.com", "SSL Test", "Hello");

   MessageBox.Show("Message Sent")
}                       

private void smtp1_CertificateRequested(object sender, System.EventArgs e)
{
   // Create a new instance of CertificateListForm
   CertificateListForm certForm = new CertificateListForm(true, true);
   certForm.Text = "The Server Requested A Client Certificate";

   // Show the CertificateListForm to the user and let them choose a certificate
   if(certForm.ShowDialog() == DialogResult.OK)
   {
      // Set the Certificate property to the certificate the user selected.
      smtp1.Certificate = certForm.SelectedCertificate;
   }
   else
   {
      MessageBox.Show("You must select a cert. SSL communication will fail.");
   }
}

[Visual Basic]
Private Sub SecureTest()
   ' Use explicit SSL
   Smtp1.Security = Dart.PowerTCP.Mail.Security.Explicit

   ' Send a message, it will initiate an SSL connection
   Smtp1.Server = "MyMailServer"
   Smtp1.Send("you@dart.com", "me@dart.com", "SSL Test", "Hello")

   MessageBox.Show("Message Sent")
End Sub

Private Sub Smtp1_CertificateRequested(ByVal sender As Object, e As EventArgs) Handles Smtp1.CertificateRequested
   ' Create a new instance of CertificateListForm
   Dim certForm as new CertificateListForm(True, True)
   certForm.Text = "The Server Requested A Client Certificate"

   ' Show the CertificateListForm to the user and let them choose a certificate
   If certForm.ShowDialog() = DialogResult.OK Then
      ' Set the Certificate property to the certificate the user selected.
      Smtp1.Certificate = certForm.SelectedCertificate
   Else
      MessageBox.Show("You must select a cert. SSL communication will fail.")
   End If
End Sub

Handling Client Authentication When Writing A Scripting Application

If you are writing a scripting application which needs to execute without interactive user input it is often useful to set the Certificate property to a valid certificate before communication with the mail server. For this purpose the CertificateStore object is ideal. NOTE, in this example the CertificateRequested event will still be raised (if an event handler is present) but it is NOT necessary to take action in this event because the Smtp.Certificate property will already be properly set.

[C#]
private void SecureTest()
{

   // Create a new certificate store object
   CertificateStore store = new CertificateStore();

   // Set the Certificate property to the first certificate found.
   smtp1.Certificate = store[0];

   // Use explicit SSL
   smtp1.Security = Dart.PowerTCP.Mail.Security.Explicit;

   // Send a message, it will initiate an SSL connection
   smtp1.Server = "MyMailServer";
   smtp1.Send("you@dart.com", "me@dart.com", "SSL Test", "Hello");

   MessageBox.Show("Message Sent")
}

[Visual Basic]
Private Sub SecureTest()

   ' Create a new certificate store object
   Dim store as new CertificateStore()

   ' Set the Certificate property to the first certificate found.
   Smtp1.Certificate = store(0)
   
   ' Use explicit SSL
   Smtp1.Security = Dart.PowerTCP.Mail.Security.Explicit

   ' Send a message, it will initiate an SSL connection
   Smtp1.Server = "MyMailServer"
   Smtp1.Send("you@dart.com", "me@dart.com", "SSL Test", "Hello")

   MessageBox.Show("Message Sent")
End Sub

 

In This Section

Security Overview
Provides an overview of basic security concepts such as digital certificates and authentication.
Creating A Mail Client
Provides a step-by-step set of instructions on how to create a Mail client.
Handling Client Authentication.
Demonstrates how to use a certificate to authenticate the client to the server.
Explicit vs Implicit Security
Discusses the differences between using explicit and implicit SSL.
Using The CertificateListForm Object
Demonstrates how to use the CertificateListForm to assist users in selecting a certificate.
Using MMC To Manage SSL Certificates
Discusses how to use the Microsoft Management Console to manage SSL certificates.
Windows 95/98 Security Compatibility
Discusses compatibility issues with Windows 95 and 98.

 

 

Send comments on this topic.

Documentation version 3.1.

© 2009 Dart Communications.  All rights reserved.