MSMQ provides security services that allow applications to authenticate messages using either internal or external certificates. When using an internal certificate to send messages, MSMQ verifies the security identifier (SID) of the sending application but nothing more. When using an external certificate to send messages, MSMQ can still verify the sender's SID, and the receiving application can use the additional information provided in the certificate to verify the sender as well.
After deciding what type of certificate to use, you must also decide how MSMQ will get the information it needs from the certificate. If you are sending a small number of messages with the same certificate, you can let MSMQ extract the information each time a message is sent. However, if you are sending a large number of messages, you can make a separate call to extract the security context information from the certificate and place it in a buffer that can be later referenced by MSMQ when it sends the messages. Using the certificate's security context is recommended when you are authenticating a large number of messages with the same certificate.
For information on… | See… |
---|---|
What MSMQ does to authenticate messages | How MSMQ Authenticates Messages |
Sending messages using an internal certificate | Authenticating Messages Using an Internal Certificate |
Sending messages using an external certificate | Authenticating Messages Using an External Certificate |