Archived Forum Post

Index of archived forum posts

Question:

Read S/MIME Encrypted Email - Where are the certs/keys?

Dec 24 '12 at 12:36

Hi Chilkat,

I'm trying to reproduce your example in how to read S/MIME Encrypted Email, so we are talking python here.

Where/how do I define what certs/keys are used for decryption? I'm not using Windows.

The debug log tells me

                    FindPrivateKeyFromSystemCerts:
                        NumRecipientInfos: 2
                        certSerialNumber: 0FD31CE8C53135A1D7EBE499743B30F9
                        certIssuerCN: UTN-USERFirst-Client Authentication and Email
                        subjectKeyIdentifier: 
                        certSerialNumber: 008AC723075A6753A0
                        certIssuerCN: Signtrust CERT Class 2 CA 6:PN
                        subjectKeyIdentifier: 
                        (leaveContext)
                    No certificate with private key found.

Thank you very much! Florian


Answer

Florian,

I will update the example for two reasons:

1) The AutoUnwrapSecurity property was removed many versions ago. The security layers are always automatically unwrapped.

and

2) The example assumes it's running on a Windows OS where the certs and private keys may have already been installed. On other systems (and also optional on Windows systems) the location of the certs and private keys, which would be located in .pfx / .p12 files, can be specified prior to downloading the email. You would do this by calling the imap.AddPfxSourceFile (and/or AddPfxSourceData) once for each PFX file where certs + private keys are located. For example, if you have a collection of certs + private keys stored across 10 different PFX files, you could add them all by calling AddPfxSourceFile once for each file. Typically, only 1 PFX is needed, but Chilkat allows for the possibility for providing a collection of PFX's.