Authenticating Messages Using an Internal Certificate
From an application perspective, authenticating messages using an internal certificate requires registering the internal certificate with MSMQ, and setting the appropriate message properties. An internal certificate is created the first time the MSMQ Control Panel utility is run.
The following procedures highlight what must be done by the sending computer to request authentication using an internal certificate, and what the receiving application can do to determine if MSMQ was able to authenticate the message.
To request authentication using an internal certificate
- Register the internal certificate using the MSMQ Control Panel option.
- Set PROPID_M_AUTH_LEVEL to MQMSG_AUTH_LEVEL_ALWAYS in the message properties.
- Make sure PROPID_M_SENDER_CERT is not specified.
- If you want to change the hash algorithm MSMQ uses to authenticate the message, set PROPID_M_HASH_ALG (the default algorithm is CALG_MD5).
- If you want MSMQ to return an acknowledgment to show that the message reached the queue or was retrieved, set PROPID_M_ACKNOWLEDGE to MQMSG_ACKNOWLEDGMENT_FULL_REACH_QUEUE | MQMSG_ACKNOWLEDGMENT_NACK_REACH_QUEUE | MQMSG_ACKNOWLEDGMENT_FULL_RECEIVE | MQMSG_ACKNOWLEDGMENT_NACK_RECEIVE.
- Send the message.
After the message is sent, the remaining work is done by MSMQ. For information on what MSMQ does to authenticate messages, see How MSMQ Authenticates Messages.
To receive an authenticated message
- When reading the message in the queue, verify that PROPID_M_AUTHENTICATED is set to 1. If it is set to 0, the message was not signed and it is up to the receiving application to decide if it wants to use the message.
When a message is authenticated (PROPID_M_AUTHENTICATED = 1) using an internal certificate, MSMQ guarantees that the sender identifier in PROPID_M_SENDERID is correct, and that no one tampered with the message.
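The two procedures above can be enforced in application code as a pre-send check on the property set and a receive-side gate on the sender identifier. The following is an added example, not code from the original page or from the MSMQ SDK. It assumes a simplified property array: the `prop_id` enum, the `struct prop` type, the numeric values, and the function names are hypothetical stand-ins for the PROPID_M_* identifiers and are not the definitions in mq.h.

```c
#include <stddef.h>

/* Stand-ins for the MSMQ identifiers named on the page. The numeric values
   are constructed for this example and are NOT the ones defined in mq.h. */
enum prop_id { AUTH_LEVEL, SENDER_CERT, HASH_ALG, ACKNOWLEDGE, AUTHENTICATED, SENDERID };
enum { AUTH_LEVEL_NONE = 0, AUTH_LEVEL_ALWAYS = 1 };   /* MQMSG_AUTH_LEVEL_* */

struct prop { enum prop_id id; unsigned long value; };

/* Problems a send-side property set can have, as a bitmask. */
enum {
    ERR_NO_AUTH_REQUEST = 1 << 0,  /* PROPID_M_AUTH_LEVEL missing or not ALWAYS */
    ERR_SENDER_CERT_SET = 1 << 1,  /* PROPID_M_SENDER_CERT must not be specified */
    WARN_DEFAULT_HASH   = 1 << 2   /* PROPID_M_HASH_ALG unset: default CALG_MD5 is used */
};

static const struct prop *find_prop(const struct prop *p, size_t n, enum prop_id id)
{
    for (size_t i = 0; i < n; i++)
        if (p[i].id == id)
            return &p[i];
    return NULL;
}

/* Send side: check the property set against the steps of the procedure. */
unsigned check_send_props(const struct prop *p, size_t n)
{
    unsigned problems = 0;
    const struct prop *auth = find_prop(p, n, AUTH_LEVEL);

    if (auth == NULL || auth->value != AUTH_LEVEL_ALWAYS)
        problems |= ERR_NO_AUTH_REQUEST;
    if (find_prop(p, n, SENDER_CERT) != NULL)
        problems |= ERR_SENDER_CERT_SET;
    if (find_prop(p, n, HASH_ALG) == NULL)
        problems |= WARN_DEFAULT_HASH;
    return problems;
}

/* Receive side: trust the sender identifier only when the message carries
   PROPID_M_AUTHENTICATED == 1. A missing property is treated as unsigned. */
int sender_id_trusted(const struct prop *p, size_t n)
{
    const struct prop *a = find_prop(p, n, AUTHENTICATED);
    return a != NULL && a->value == 1;
}
```

The hash warning is advisory: it marks messages that rely on the CALG_MD5 default, which is worth reviewing because MD5 is no longer collision resistant.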
© 1997 by Microsoft Corporation. All rights reserved.