INFO: MSMQ Explorer and Encrypted Messages

• Microsoft Message Queue Server version 1.0

SUMMARY

Microsoft Message Queue Server (MSMQ) Explorer shows encrypted messages as clear text in the destination queue. This behavior is by design. You can determine from the Explorer or from inside an application if a specific message was encrypted when it was sent.

MORE INFORMATION

MSMQ provides a secured channel for sending private, encrypted messages throughout your MSMQ enterprise. MSMQ ensures that the body of private messages are kept encrypted from the moment they leave the source Queue Manager to the moment they reach their target Queue Manager.

Messages are encrypted at the source computer and decrypted at the destination computer. With encryption and decryption provided by MSMQ Queue Managers, applications do not have to encrypt messages when they are sent or decrypt messages when they are received. They appear in the destination queue as clear text for the receiving application to read.

The privacy level of a queue (PROPID_Q_PRIV_LEVEL) determines how the queue handles encrypted messages. If a queue's privacy level is Optional (MQ_PRIV_LEVEL_OPTIONAL), a user can verify whether a message sent to the queue was encrypted or decrypted by checking the messages properties in MSMQ Explorer. Take a look at the Sender tab in message properties in the Explorer to find if it was encrypted or not.

You can pass PROPID_M_PRIV_LEVEL to MQReceiveMessage and look at the returned value to find out if a message was sent encrypted.

REFERENCES

For more details on privacy issues and complete examples of sending a private message using C API and ActiveX, take a look at "Private Messages" topic in SDK Online help.

Microsoft Message Queue Server Online Help