Signing e-mails with certificates from active directory

0 votes
asked Feb 15, 2013 by Rebex KB (8,430 points)
edited Feb 15, 2013

In an application we need to send encrypted emails to possibly thousands of users who have their S/MIME certificate hosted in an Active Directory forest. Searching the internet I was not able to get information about how to find certificates in and extract it from AD. Does your S/MIME component support such a scenario or do we need to implement this functionality independently?

Applies to: Rebex Secure Mail

1 Answer

0 votes
answered Feb 15, 2013 by Jan Sotola (17,670 points)
edited Feb 15, 2013
Best answer

Rebex Secure Mail doesn't support extracting certificates from Active Directory. However, this can be implemented quite easily using .NET's System.DirectoryServices assembly. I have found what looks like a simple example code here.
NOTE: The example code uses X509Certificate2 instead of our Certificate object, but this doesn't matter – you can replace X509Certificate2 in the code with Certificate, but this should not be necessary because Certificate has an implicit conversion operator, which means you can simply supply X509Certificate2 objects to methods accepting Certificate objects.