Archived Forum Post

Index of archived forum posts

Question:

(PowerBuilder) POP3 CopyMail() returns NULL EmailBundle

Jul 10 '17 at 08:44

Hello there,

we are running an automated pop3fetcher (for attachments) powered by Chilkat Mail (Active X) on PB 10.5

It works really well, but we now encounter an error on a Windows 2008 Terminal Server machine when no user is logged in and our application is run as an automated task (windows task scheduler -> security options -> ‘Run whether user is logged on or not‘).

I'm using CopyMail() to get the Emails into the Mailbundle oleobject, wich I then test with:

if isvalid(loo_mailbundle) then

The mailbundle being NULL, I checked with GetLastErrorText to find:

unEnvelope3:
  unEnvelope_encrypted:
    findMatchingPrivateKeyFromSysCerts:
      numRecipientInfos: 1
      certSerialNumber: ---blacked---
      certIssuerCN: COMODO SHA-256 Client Authentication and Secure Email CA
      certIssuerDN: GB, Greater Manchester, Salford, COMODO CA Limited, COMODO SHA-256
Client Authentication and Secure Email CA
      subjectKeyIdentifier: 
      findPrivateKey:
        certGetPrivateKeyAsDER:
          msCertGetPrivateKey:
            openCertKeyContainer:
              acquirePrivateKey:
                WindowsError: Das System kann die angegebene Datei nicht finden.
                WindowsErrorCode: 0x2
              --acquirePrivateKey
            --openCertKeyContainer
            Failed to open key container for certificate.
          --msCertGetPrivateKey
        --certGetPrivateKeyAsDER
        No private key available.
      --findPrivateKey
    --findMatchingPrivateKeyFromSysCerts
    No certificate with private key found.
  --unEnvelope_encrypted
--unEnvelope3
Failed to unenvelope message

I tried solving this issues by using mailman.AddPfxSourceFile() and mailman.SetDecryptCert() respectively, which now results in the same NULL EmailBundle, but I can't seem to be able to find the error in the LastErrorText:

06:30:05 ChilkatLog:
  CopyMail:
    DllDate: Aug 26 2015
    ChilkatVersion: 9.5.0.52
    UnlockPrefix: ISSOFTMAILQ
    Username: EPHTS01:is-software
    Architecture: Little Endian; 32-bit
    Language: ActiveX
    VerboseLogging: 0
    PopCmdSent: STAT
    PopCmdResp: +OK 2 74487
    statResponse: +OK 2 74487
    numMessages: 2
    fetchFullEmails:
      PopCmdSent: LIST
      PopCmdResp: +OK 2 messages (74487) octets
1 62760
2 11727
.
      PopCmdSent: UIDL
      PopCmdResp: +OK 2 messages (74487) octets
      PopCmdResp: 1 201705310141180228
2 201705310430490266
.
      fetchSingleFull:
        PopCmdSent: RETR 1
        PopCmdResp: +OK 62760 octets
        rawMimeToEmail:
          createFromPop3:
            createFromMimeObject:
              unwrapSecurity:
                unwrapInner2:
                  Unwrapping enveloped (encrypted or signed)...
                  unenvelope:
                    loadPkcs7Der:
                      loadPkcs7Xml:
                        Pkcs7_EnvelopedData:
                          AlgorithmIdentifier_loadXml:
                            encryptionAlgorithmOid: 1.2.840.113549.3.7
                            IV: hFTIdpLYdAA=
                          --AlgorithmIdentifier_loadXml
                          numRecipients: 1
                          RecipientInfo:
                            IssuerAndSerialNumber:
                              serialNumber1: ----blacked out----
                              issuerCommonName: COMODO SHA-256 Client Authentication and Secure Email CA
                              issuerCountry: GB
                              issuerState: Greater Manchester
                              issuerLocality: Salford
                              issuerOrganization: COMODO CA Limited
                            --IssuerAndSerialNumber
                            encryptedKeyNumBytes: 256
                          --RecipientInfo
                        --Pkcs7_EnvelopedData
                      --loadPkcs7Xml
                    --loadPkcs7Der
                    unEnvelope3:
                      unEnvelope_encrypted:
                        findMatchingPrivateKeyFromSysCerts:
                          numRecipientInfos: 1
                          certSerialNumber: ----blacked out----
                          certIssuerCN: COMODO SHA-256 Client Authentication and Secure Email CA
                          subjectKeyIdentifier: 
                        --findMatchingPrivateKeyFromSysCerts
                        AlgorithmIdentifier:
                          oid: 1.2.840.113549.1.1.1
                        --AlgorithmIdentifier
                        Decrypting symmetric key...(1)
                        Decrypting data using symmetric key (1)
                        decryptedSymmetricKeyLen1: 24
                        symmetricDecrypt:
                          algId_oid: 1.2.840.113549.3.7
                          DES3_CBC
                          symmetricKeySizeInBytes: 24
                          numBytesToDecrypt: 43552
                          algorithm: des
                          keyLength: 192
                          outputSize: 43545
                          symmetricDecryptOutputSize: 43545
                        --symmetricDecrypt
                      --unEnvelope_encrypted
                    --unEnvelope3
                    cert_issuer: GB, Greater Manchester, Salford, COMODO CA Limited, COMODO SHA-256 Client
Authentication and Secure Email CA
                    cert_subject: ----blacked out-----
                    unenvelopedDataSize: 43545
                  --unenvelope
                  Unwrapping multipart/signed...
                  unwrapMultipartSigned:
                    loadPkcs7Der:
                      loadPkcs7Xml:
                        loadSignedDataXml:
                          NumDigestAlgorithmIdentifiers: 1
                          AlgorithmIdentifier:
                            oid: 2.16.840.1.101.3.4.2.1
                          --AlgorithmIdentifier
                          This is a detached signature.
                          numSigners: 1
                          SignerInfo:
                            signerInfoLoadXml:
                              contentType: 1.2.840.113549.1.7.1
                              messageDigestHex: 5DFE 893D 202B 2865 DA49 D6D1 05BC 1B5C
CC21 F5A0 A57E 0529 0FBA EF9E 0380 FF0F
                              signingTime: 170530234117Z
                            --signerInfoLoadXml
                          --SignerInfo
                        --loadSignedDataXml
                      --loadPkcs7Xml
                      extractCertsFromSignedData:
                        numCerts: 1
                      --extractCertsFromSignedData
                    --loadPkcs7Der
                    verifyDetachedSignature:
                      verifySignature:
                        numSigners: 1
                        numDigestAlgorithms: 1
                        Computing SHA256 message digest.
                        numBytesDigested: 39937
                        numSigners: 1
                        signerDigestAlgOid: 2.16.840.1.101.3.4.2.1
                        messageDigestSize: 32
                        Signer_0:
                          getSignerInfoCert:
                            issuerCN: QuoVadis Swiss Advanced CA G2
                            serialNum: 5D31C5EB69BA6780CE4D46547E18350003085DFA
                          --getSignerInfoCert
                          digestOid: 2.16.840.1.101.3.4.2.1
                          Digest of authenticated attributes DER matches.
                        --Signer_0
                        Signature verified but skipping verification of certificates.
                      --verifySignature
                    --verifyDetachedSignature
                  --unwrapMultipartSigned
                --unwrapInner2
                A signed and encrypted email was received
                All signatures are valid
                All data successfully decrypted
                num_parts_signed: 1
                num_parts_encrypted: 1
              --unwrapSecurity
            --createFromMimeObject
          --createFromPop3
        --rawMimeToEmail
      --fetchSingleFull
      fetchSingleFull:
        PopCmdSent: RETR 2
        PopCmdResp: +OK 11727 octets
        rawMimeToEmail:
          createFromPop3:
            createFromMimeObject:
              unwrapSecurity:
                unwrapInner2:
                  Unwrapping enveloped (encrypted or signed)...
                  unenvelope:
                    loadPkcs7Der:
                      loadPkcs7Xml:
                        Pkcs7_EnvelopedData:
                          AlgorithmIdentifier_loadXml:
                            encryptionAlgorithmOid: 1.2.840.113549.3.7
                            IV: JnLJoCnHeao=
                          --AlgorithmIdentifier_loadXml
                          numRecipients: 1
                          RecipientInfo:
                            IssuerAndSerialNumber:
                              serialNumber1: ----blacked out----
                              issuerCommonName: COMODO SHA-256 Client Authentication and Secure Email CA
                              issuerCountry: GB
                              issuerState: Greater Manchester
                              issuerLocality: Salford
                              issuerOrganization: COMODO CA Limited
                            --IssuerAndSerialNumber
                            encryptedKeyNumBytes: 256
                          --RecipientInfo
                        --Pkcs7_EnvelopedData
                      --loadPkcs7Xml
                    --loadPkcs7Der
                    unEnvelope3:
                      unEnvelope_encrypted:
                        findMatchingPrivateKeyFromSysCerts:
                          numRecipientInfos: 1
                          certSerialNumber: ----blacked out----
                          certIssuerCN: COMODO SHA-256 Client Authentication and Secure Email CA
                          subjectKeyIdentifier: 
                        --findMatchingPrivateKeyFromSysCerts
                        AlgorithmIdentifier:
                          oid: 1.2.840.113549.1.1.1
                        --AlgorithmIdentifier
                        Decrypting symmetric key...(1)
                        Decrypting data using symmetric key (1)
                        decryptedSymmetricKeyLen1: 24
                        symmetricDecrypt:
                          algId_oid: 1.2.840.113549.3.7
                          DES3_CBC
                          symmetricKeySizeInBytes: 24
                          numBytesToDecrypt: 6472
                          algorithm: des
                          keyLength: 192
                          outputSize: 6465
                          symmetricDecryptOutputSize: 6465
                        --symmetricDecrypt
                      --unEnvelope_encrypted
                    --unEnvelope3
                    cert_issuer: GB, Greater Manchester, Salford, COMODO CA Limited, COMODO SHA-256 Client
Authentication and Secure Email CA
                    cert_subject:  ----blacked out-----
                    unenvelopedDataSize: 6465
                  --unenvelope
                  Unwrapping multipart/signed...
                  unwrapMultipartSigned:
                    loadPkcs7Der:
                      loadPkcs7Xml:
                        loadSignedDataXml:
                          NumDigestAlgorithmIdentifiers: 1
                          AlgorithmIdentifier:
                            oid: 2.16.840.1.101.3.4.2.1
                          --AlgorithmIdentifier
                          This is a detached signature.
                          numSigners: 1
                          SignerInfo:
                            signerInfoLoadXml:
                              contentType: 1.2.840.113549.1.7.1
                              messageDigestHex: 675D A97B 677A 11C8 8B86 E392 7F2D 1549
0529 1C40 C58E 3484 6023 C4A2 98D2 DF58
                              signingTime: 170531023048Z
                            --signerInfoLoadXml
                          --SignerInfo
                        --loadSignedDataXml
                      --loadPkcs7Xml
                      extractCertsFromSignedData:
                        numCerts: 1
                      --extractCertsFromSignedData
                    --loadPkcs7Der
                    verifyDetachedSignature:
                      verifySignature:
                        numSigners: 1
                        numDigestAlgorithms: 1
                        Computing SHA256 message digest.
                        numBytesDigested: 2823
                        numSigners: 1
                        signerDigestAlgOid: 2.16.840.1.101.3.4.2.1
                        messageDigestSize: 32
                        Signer_0:
                          getSignerInfoCert:
                            issuerCN: QuoVadis Swiss Advanced CA G2
                            serialNum: 11D2B6AE5FD0234D4A1A1890F5061F2648D066CC
                          --getSignerInfoCert
                          digestOid: 2.16.840.1.101.3.4.2.1
                          Digest of authenticated attributes DER matches.
                        --Signer_0
                        Signature verified but skipping verification of certificates.
                      --verifySignature
                    --verifyDetachedSignature
                  --unwrapMultipartSigned
                --unwrapInner2
                A signed and encrypted email was received
                All signatures are valid
                All data successfully decrypted
                num_parts_signed: 1
                num_parts_encrypted: 1
              --unwrapSecurity
            --createFromMimeObject
          --createFromPop3
        --rawMimeToEmail
      --fetchSingleFull
    --fetchFullEmails
    Success.
  --CopyMail
--ChilkatLog

The thing is, as soon as I log in with the user the background task is already running at, it works and even continues to work flawlessly when logging out again, until the task is restarted over night.

Are there any specific Windows services needed to be running?

Maybe someone encountered a similar issue, or sees more in this protocol than me.

Thank you for your time.