Message authentication allows the receiving application to verify the source of a message and that the message was not modified on its way to the queue. This is done by attaching a digital signature to the message when it is sent, and verifying the digital signature when the message reaches the queue. The digital signature is created by MSMQ and attached to the message when the message is sent. The receiving MSMQ Queue Manager then uses the digital signature to verify the sender and to confirm that the message was not modified.
To digitally sign a message, the sending application supplies a signature key pair for creating the digital signature. The signature key pair is made up of a public signing key and a private signing key.
The information used to validate who sent the message is contained in security certificates. MSMQ can use an internal certificate that is provided by MSMQ or an external certificate that is obtained from a certification authority (CA).
Internal certificates are typically used when only the sender identifier is used to authenticate the message. In this case, MSMQ uses the sender identifier to authenticate the message, and the receiving application has nothing further to check. No other information is used to verify the sender, and only the sender identifier is guaranteed to be correct. Internal certificates can also be used without the sender identifier if you want only to verify that the message was not tampered with.
Note: When an internal security certificate is used, the private signing key is registered the first time that the MSMQ Control Panel application is run.
External certificates are used when you want to use more than just the sender identifier to authenticate the message. The information in the external certificate is guaranteed by the certification authority that created the certificate. MSMQ does not validate an external certificate.
In this case, it is the receiving application's responsibility to validate the certificate before using the authenticated message. MSMQ generates the digital signature of a message when it is sent and verifies the digital signature when the message is received, but it does not validate the certificate itself.
Note: External certificates are required when communicating with operating environments other than Windows NT®, where the sender identifier is meaningless.
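The receiver-side check described above, as an added example that is not part of the MSMQ documentation: a System.Messaging receiver (Windows PowerShell 5.1 on .NET Framework) that reads the Authenticated and SenderCertificate properties MSMQ sets, validates the external certificate's chain itself, and pins it to an expected sender. The queue path `.\private$\authq` and the thumbprint allowlist are assumed placeholders.

```powershell
# Added example, not MSMQ's own code. MSMQ verifies the signature on arrival but
# does not validate an external certificate; this receiver does that step.
# Assumptions: Windows PowerShell 5.1 (.NET Framework), a local private queue
# 'authq', and a placeholder allowlist of trusted sender certificate thumbprints.
Add-Type -AssemblyName System.Messaging

# Constructed allowlist; replace the placeholder with the real sender thumbprint(s).
$TrustedSenderThumbprints = @('<EXPECTED-SENDER-THUMBPRINT>')

function Test-MsmqSenderCertificate {
    param([System.Messaging.Message]$Message)

    # 1. MSMQ sets Authenticated only if the digital signature verified on arrival.
    if (-not $Message.Authenticated) {
        return [pscustomobject]@{ Trusted = $false; Reason = 'Message was not authenticated by MSMQ' }
    }
    if (-not $Message.SenderCertificate -or $Message.SenderCertificate.Length -eq 0) {
        return [pscustomobject]@{ Trusted = $false; Reason = 'No sender certificate attached' }
    }

    # 2. The application validates the certificate: trusted CA chain, validity period, revocation.
    $cert  = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new([byte[]]$Message.SenderCertificate)
    $chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
    $chain.ChainPolicy.RevocationMode = 'Online'
    if (-not $chain.Build($cert)) {
        $status = ($chain.ChainStatus | ForEach-Object { $_.StatusInformation.Trim() }) -join '; '
        return [pscustomobject]@{ Trusted = $false; Reason = "Chain validation failed: $status" }
    }

    # 3. A valid chain alone is not enough: pin the certificate to the expected sender(s).
    if ($TrustedSenderThumbprints -notcontains $cert.Thumbprint) {
        return [pscustomobject]@{ Trusted = $false; Reason = "Unexpected sender certificate $($cert.Thumbprint)" }
    }
    return [pscustomobject]@{ Trusted = $true; Reason = "Sender $($cert.Subject)" }
}

$queue = New-Object System.Messaging.MessageQueue '.\private$\authq'
# Ask MSMQ to return the authentication-related properties with each message.
$queue.MessageReadPropertyFilter.Authenticated     = $true
$queue.MessageReadPropertyFilter.SenderCertificate = $true
$queue.MessageReadPropertyFilter.SenderId          = $true

$msg     = $queue.Receive([TimeSpan]::FromSeconds(10))
$verdict = Test-MsmqSenderCertificate -Message $msg
if ($verdict.Trusted) {
    Write-Output "Accepted: $($verdict.Reason)"
} else {
    # Reject and log rather than process the body of an untrusted message.
    Write-Warning "Rejected: $($verdict.Reason)"
}
```

Setting the queue's own Authenticate property to true additionally makes MSMQ refuse unauthenticated messages at the queue, so the application-level check then only has to cover certificate validation and pinning.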
| For information on… | See… |
|---|---|
| Using an internal certificate | Authenticating Messages Using an Internal Certificate |
| Using an external certificate | Authenticating Messages Using an External Certificate |
| Specifying certificates | SenderCertificate (ActiveX); PROPID_M_SENDER_CERT (C API) |
| Sender identifier properties | SenderId (ActiveX); PROPID_M_SENDERID (C API) |
| The authentication process | How MSMQ Authenticates Messages |