MailAddress.Certificate2 Property

Gets or sets the associating digital certificate for digital signature and encryption (S/MIME). 

[Visual Basic]
Public Property Certificate2 As X509Certificate2

[C#]
public X509Certificate2 Certificate2 {get; set;}

[C++]
public: __property X509Certificate2^ get_Certificate2();
public: __property void set_Certificate2(X509Certificate2^);

[JScript]
public function get Certificate2() : X509Certificate2;
public function set Certificate2(X509Certificate2);

Property Value

A X509Certificate2 value indicating the associating digital certificate.

Remarks

By default, Personal digital certificate is stored at StoreLocation.CurrentUser "my". Encryption digital certificates are stored at StoreLocation.CurrentUser "Address Book".
To learn more about email digital signature and encryption, please refer to Digital Signature and E-mail Encryption section.

RSASSA-PSS Signature and RSA-OAEP Encryption

If you need to use RSASSA-PSS signature scheme, you need a special version of EASendMail, please have a look at this topic:
RSASSA-PSS + RSA-OAEP Encryption with SHA256

Example

[Visual Basic, C#] The following example demonstrates how to load certificate to sign email content with EASendMail SMTP Component. To get the full samples of EASendMail, please refer to Samples section. 

[VB - Sign Email with Certificate]
Imports EASendMail
Imports System.Security.Cryptography.X509Certificates

Private Function _findCertificate(storeName As String, emailAddress As String) As X509Certificate2  

    Dim cert As X509Certificate2 = Nothing
    Dim store As New X509Store(storeName, StoreLocation.CurrentUser)

    store.Open(OpenFlags.ReadOnly)
    Dim certfiicates As X509Certificate2Collection = store.Certificates.Find(X509FindType.FindBySubjectName, emailAddress, True)
    If certfiicates.Count > 0 Then
        cert = certfiicates(0)
    End If

    store.Close()

    _findCertificate = cert
End Function

Try
    Dim oMail As SmtpMail = New SmtpMail("TryIt")
    oMail.From = New MailAddress("test@emailarchitect.net")

    Dim signerCertificate As X509Certificate2 = _findCertificate("My", oMail.From.Address)
    If signerCertificate Is Nothing Then
        Throw New Exception("No signer certificate found for " + oMail.From.Address + "!")
    End If

    oMail.From.Certificate2 = signerCertificate
    ' You can also load the signer certificate from a pfx file.
    '
    ' Dim pfxPath As String = "D:\TestCerts\signer.pfx"
    ' Dim signerCertFromPfx As X509Certificate2 = New X509Certificate2(pfxPath,
    '        "nosecret",
    ' X509KeyStorageFlags.Exportable Or X509KeyStorageFlags.UserKeySet)
    ' oMail.From.Certificate2 = signerCertFromPfx

    ' If you use it in web application,
    ' please use  X509KeyStorageFlags.Exportable Or X509KeyStorageFlags.MachineKeySet

    ' If you use it in .NET core application
    ' please use X509KeyStorageFlags.Exportable Or X509KeyStorageFlags.EphemeralKeySet

Catch exp As Exception
    Console.WriteLine("No sign certificate found for sender email: {0}", exp.Message)
End Try



[C# - Sign Email with Certificate]
using System.Security.Cryptography.X509Certificates;
using EASendMail;

X509Certificate2 _findCertificate(string storeName, string emailAddress)
{
    X509Certificate2 cert = null;

    X509Store store = new X509Store(storeName, StoreLocation.CurrentUser);
    store.Open(OpenFlags.ReadOnly);

    X509Certificate2Collection certfiicates = store.Certificates.Find(X509FindType.FindBySubjectName, emailAddress, true);
    if (certfiicates.Count > 0)
    {
        cert = certfiicates[0];
    }

    store.Close();

    return cert;
}

try
{
    SmtpMail oMail = new SmtpMail("TryIt");
    oMail.From = "test@adminsystem.com";

    X509Certificate2 signerCertificate = _findCertificate("My", oMail.From.Address);
    if (signerCertificate == null)
        throw new Exception("No signer certificate found for " + oMail.From.Address + "!");

    oMail.From.Certificate2 = signerCertificate;

    // You can also load the signer certificate from a pfx file.
    /* string pfxPath = "D:\\TestCerts\\signer.pfx";
    X509Certificate2 signerCertFromPfx = new X509Certificate2(pfxPath,
        "nosecret",
        X509KeyStorageFlags.Exportable | X509KeyStorageFlags.UserKeySet);

    oMail.From.Certificate2 = signerCertFromPfx;
    */
    // If you use it in web application,
    // please use  X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet

    // If you use it in .NET core application
    // please use X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet
}
catch (Exception exp)
{
    Console.WriteLine("No sign certificate found {0}", exp.Message);
}



[VB - Encrypt Email]

Imports EASendMail
Imports System.Security.Cryptography.X509Certificates

Private Function _findCertificate(storeName As String, emailAddress As String) As X509Certificate2  

    Dim cert As X509Certificate2 = Nothing
    Dim store As New X509Store(storeName, StoreLocation.CurrentUser)

    store.Open(OpenFlags.ReadOnly)
    Dim certfiicates As X509Certificate2Collection = store.Certificates.Find(X509FindType.FindBySubjectName, emailAddress, True)
    If certfiicates.Count > 0 Then
        cert = certfiicates(0)
    End If

    store.Close()

    _findCertificate = cert
End Function

Dim oMail As SmtpMail = New SmtpMail("TryIt")
oMail.From = New MailAddress("test@adminsystem.com")
oMail.To = New AddressCollection("encrypt1@adminsystem.com, encrypt2@adminsystem.com")

For i As Integer = 0 To oMail.[To].Count - 1
    Dim oAddress As MailAddress = oMail.[To](i)

    Dim encryptCert As X509Certificate2 = _findCertificate("AddressBook", oAddress.Address)
    If encryptCert Is Nothing Then
        encryptCert = _findCertificate("My", oAddress.Address)
    End If

    If encryptCert Is Nothing Then
        Throw New Exception("No encryption certificate found for " + oAddress.Address + "!")
    End If

    oAddress.Certificate2 = encryptCert

    ' You can also load the encryptor certificate from a cer file Like this

    ' Dim cerPath As String = "D:\TestCerts\encryptor.cer"
    ' Dim encryptCertFromFile = New X509Certificate2(cerPath)
    ' oAddress.Certificate2 = encryptCertFromFile
Next


[C# - Encrypt Email]
using System.Security.Cryptography.X509Certificates;
using EASendMail;

X509Certificate2 _findCertificate(string storeName, string emailAddress)
{
    X509Certificate2 cert = null;

    X509Store store = new X509Store(storeName, StoreLocation.CurrentUser);
    store.Open(OpenFlags.ReadOnly);

    X509Certificate2Collection certfiicates = store.Certificates.Find(X509FindType.FindBySubjectName, emailAddress, true);
    if (certfiicates.Count > 0)
    {
        cert = certfiicates[0];
    }

    store.Close();

    return cert;
}

SmtpMail oMail = new SmtpMail("TryIt");
oMail.From = "test@adminsystem.com";
oMail.To = "encrypt1@adminsystem.com, encrypt2@adminsystem.com";

for (int i = 0; i < oMail.To.Count; i++)
{
    MailAddress oAddress = oMail.To[i];

    X509Certificate2 encryptCert = _findCertificate("AddressBook", oAddress.Address);
    if (encryptCert == null)
        encryptCert = _findCertificate("My", oAddress.Address);

    if (encryptCert == null)
        throw new Exception("No encryption certificate found for " + oAddress.Address + "!");

    oAddress.Certificate2 = encryptCert;

    // You can also load the encryptor certificate from a cer file like this
    /* 
    string cerPath = "D:\\TestCerts\\encryptor.cer";
    X509Certificate2 encryptCertFromFile = new X509Certificate2(cerPath);
    oAddress.Certificate2 = encryptCertFromFile;
    */
}

See Also

From, ReplyTo, Sender and Return-Path
SmtpMail.From Property
SmtpMail.ReplyTo Property
SmtpMail.Sender Property
SmtpMail.ReturnPath Property
SmtpMail.To Property
SmtpMail.Cc Property
SmtpMail.Bcc Property

Online Examples

Sign Email - VB
Encrypt Email - VB
Sign Email - C#
Encrypt Email - C#
Sign Email - C++/CLI
Encrypt Email - C++/CLI