Applies To: Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server Technical Preview, Windows Vista
The SenderCertificate property of the MSMQMessage object provides an array of bytes that represents the user certificate. The user certificate is used to authenticate messages.
|Data type:||Variant (array of bytes)|
Property SenderCertificate As Variant
A Variant (array of bytes) containing the user certificate (internal or external) attached to the message.
Use SenderCertificate when you want to authenticate a small number of messages with the same certificate.
When sending a large number of messages using the same certificate, use a security context structure to attach the certificate. A security context structure is obtained by calling MSMQMessage.AttachCurrentSecurityContext2. This method creates a security context structure based on the certificate that is in SenderCertificate, the corresponding private key, and the user's SID and stores a handle to the security context in the object. If SenderCertificate is not set before calling AttachCurrentSecurityContextMSMQMessage.AttachCurrentSecurityContext2, then the Message Queuing internal certificate for the user is used for the security context.
Message Queuing uses the certificate to authenticate the message. However, the receiving application can use the information in an external certificate to further verify who sent the message. (When an internal certificate is used, the information in the certificate is not useful to the receiving application.)
The receiving application should use SenderCertificate only when an external certificate is sent with the message. After retrieving the certificate, use the CryptoAPI functions to validate the information in the certificate. (If you don't know if an external or internal certificate was sent, retrieve the certificate and look at its locality attribute. If the locality attribute was set by MSMQ, then the certificate is a Message Queuing internal certificate.)
Equivalent API Function Property
With API function calls, the equivalent property for setting and retrieving the user certificate is PROPID_M_SENDER_CERT.
|For information on||See|
|What it means to authenticate a message||Message Authentication|
|Registering internal and external certificates||Registering a Certificate|
|How messages are authenticated||How Message Queuing Authenticates Messages|
|Using a security context structure||When to Use a Security Context Structure|
Windows NT/2000/XP: Included in Windows NT 4.0 SP3 and later.
Windows 95/98/Me: Included in Windows 95 and later.
Header: Declared in Mqoai.h.
Library: Use Mqoa.lib.