Signing with .cer, .p7m, .p7s, .pfx, .p12

Question:

I want to use a DC file to sign an email using a private key and then use another DC (.cer) public key file to encrypt the email. I can get the .cer file but in your docs you talk about signing with a .cer, .p7m or .p7s file. How can I produce one of these files with only the private key for asymmetrical signing? All I can export my DC out of Outlook Express as is a .pfx or .p12. Can I use either of these files to sign my email with my private key using the ChilkatMail ActiveX or another Chilkat ActiveX?

Answer:

The Chilkat Mail component can use a .cer, .p7m, or .p7s file for signing an email. The private key is always obtained from the Windows protected store, which is where the public/private key pairs are placed when you import from a PFX. The Chilkat.Cert object can load .cer, .p7m, or .p7s files, and the email component can set the signing certificate by passing the cert object to Chilkat.Email.SetSigningCert. (This same logic applies with the S/MIME component and the encryption component.)

The stumbling point is usually in getting the PFX properly imported so that your application can find (and use) the private keys, without warning dialogs popping up when the private key is accessed. These dialogs are popped up by the Windows OS, and unless you import the PFX correctly, you will get these. Also, to use the private keys from ASP or ASP.NET, you'll need to import the PFX in the correct way.

Chilkat has a new component (Chilkat PFX) that allows you to do it. Here is a sample VBScript showing how to import the PFX with Chilkat PFX. (Just copy this into a .vbs file, and double-click to run. The Chilkat PFX ActiveX can be downloaded from the Chilkat downloads web page.)


'VBScript to import certificates and private keys from a PFX file.

set pfx = CreateObject("ChilkatPfx.ChilkatPfx")

' Any value passed to UnlockComponent begins the 30-day trial.
pfx.UnlockComponent "30-day trial"

' 1 = the private keys are stored under the local computer (machine keyset)
' and not the current user.
useMachineKeyset = 1

' 1 = the certificate(s) are placed in the local machine store.
useLocalMachineCertStore = 1

' 1 = imported keys are marked as exportable. Use 0 if the key never needs
' to be exported from this machine again.
markAsExportable = 1

' 1 = the user is notified through a dialog box or other method when certain
' actions attempt to use this key. The precise behavior is specified by the
' cryptographic service provider (CSP) being used. 0 = no dialog.
wantWarningDialog = 0

' Pass the same variable names that were set above. (VBScript silently treats
' a misspelled, undefined variable as 0.)
success = pfx.ImportPfxFile("c:/temp/myPfx.pfx", "myPassword", useMachineKeyset, useLocalMachineCertStore, markAsExportable, wantWarningDialog)

if (success = 0) then
	MsgBox pfx.LastErrorText
else
	MsgBox "Imported PFX!"
end if
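
To confirm that an import landed the way the flags above intended, the following PowerShell audit lists each certificate in a store with the properties of the private key behind it. It is an added example, not Chilkat code or part of the original answer; the function name Get-ImportedKeyAudit, the LocalMachine\My store path, and the default MachineKeys directory for CSP RSA keys are assumptions.

```powershell
# Added example: audit private keys behind certificates in a Windows store.
# Run from an elevated prompt so machine key files and their ACLs are readable.
function Get-ImportedKeyAudit {
    param(
        # Assumption: the PFX import placed the certificate in LocalMachine\My.
        [string]$StorePath = 'Cert:\LocalMachine\My'
    )
    # Default location of machine-level CSP (non-CNG) RSA key files.
    $keyDir = Join-Path $env:ProgramData 'Microsoft\Crypto\RSA\MachineKeys'

    foreach ($cert in Get-ChildItem -Path $StorePath) {
        $row = [ordered]@{
            Subject       = $cert.Subject
            Thumbprint    = $cert.Thumbprint
            HasPrivateKey = $cert.HasPrivateKey
            MachineKeyset = $null   # expected True when useMachineKeyset = 1
            Exportable    = $null   # expected to match markAsExportable
            Protected     = $null   # CSP flag; assumed to reflect wantWarningDialog
            KeyAccess     = $null   # accounts with an Allow entry on the key file
            Note          = $null
        }
        if ($cert.HasPrivateKey) {
            try {
                $key = $cert.PrivateKey
                if ($key -is [System.Security.Cryptography.RSACryptoServiceProvider]) {
                    $info = $key.CspKeyContainerInfo
                    $row.MachineKeyset = $info.MachineKeyStore
                    $row.Exportable    = $info.Exportable
                    $row.Protected     = $info.Protected
                    $file = Join-Path $keyDir $info.UniqueKeyContainerName
                    if ($info.MachineKeyStore -and (Test-Path -LiteralPath $file)) {
                        $row.KeyAccess = ((Get-Acl -LiteralPath $file).Access |
                            Where-Object { $_.AccessControlType -eq 'Allow' } |
                            ForEach-Object { $_.IdentityReference.Value }) -join '; '
                    }
                } else {
                    $row.Note = 'not a CSP RSA key; container details not inspected'
                }
            } catch {
                # The store links to a key this process cannot open.
                $row.Note = "key not usable here: $($_.Exception.Message)"
            }
        }
        [pscustomobject]$row
    }
}

Get-ImportedKeyAudit | Format-List
```

For ASP or ASP.NET use, the account the web application runs as needs to appear in KeyAccess; a certificate that shows HasPrivateKey but a populated Note is the usual sign of an import into the wrong keyset or a missing key-file permission.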