Signing e-mails with certificates from active directory

Question

In an application we need to send encrypted emails to possibly thousands of users who have their S/MIME certificate hosted in an Active Directory forest. Searching the internet I was not able to get information about how to find certificates in and extract it from AD. Does your S/MIME component support such a scenario or do we need to implement this functionality independently?

Answer 1

Rebex Secure Mail doesn't support extracting certificates from Active Directory. However, this can be implemented quite easily using .NET's System.DirectoryServices assembly. I have found what looks like a simple example code here.
NOTE: The example code uses X509Certificate2 instead of our Certificate object, but this doesn't matter – you can replace X509Certificate2 in the code with Certificate, but this should not be necessary because Certificate has an implicit conversion operator, which means you can simply supply X509Certificate2 objects to methods accepting Certificate objects.