Discuss this help topic in SecureBlackbox Forum


TElX509CertificateValidator     See also     

Filter: C#  VB.NET  Pascal  C++  PHP  Java  

Use this method to check validity of the certificates used to sign S/MIME mail messages.


    Sub ValidateForSMIME(ByVal Certificate As TElX509Certificate, ByVal EMailAddress As String, ByVal AdditionalCertificates As TElCustomCertStorage, ByVal CompleteChainValidation As Boolean, ByVal ValidityMoment As DateTime, ByRef Validity As TSBCertificateValidity, ByRef Reason As TSBCertificateValidityReason)

    void ValidateForSMIME(TElX509Certificate $Certificate, string $EMailAddress, TElCustomCertStorage $AdditionalCertificates, bool $CompleteChainValidation, DateTime $ValidityMoment, integer &$Validity, integer &$Reason)

    void validateForSMIME(TElX509Certificate Certificate, String EMailAddress, TElCustomCertStorage AdditionalCertificates, boolean CompleteChainValidation, Date ValidityMoment, TElX509CertificateValidatorResult Res);


  • AdditionalCertificates - Additional certificates that might be known or obtained from the e-mail.
  • Certificate - Certificate to be validated.
  • CompleteChainValidation - Specifies whether to check issuer (CA) certificates when the certificate is invalid.
  • EMailAddress - Mail sender's e-mail address.
  • Reason - On return contains validity status reasons of the certificate.
  • Validity - On return contains validity status of the certificate.
  • ValidityMoment - Specifies the time when the certificate must be valid (i.e. the moment of e-mail creation or sending or receipt).
  • Res -

Validity values

Validity reasons


     Use this method to validate the certificate received in signed S/MIME mail messages. You need to pass the end-entity certificate only - CA certificates will be retrieved via Certificate's Chain property. If the chain is not available, you can pass CA certificates via AdditionalCertificates parameter or using AddKnownCertificates() method.

     The method checks whether the certificate names correspond to given e-mail address. Next certificate's Key Usage fields are checked to ensure that the certificate may be used for signing e-mail. Finally, Validate() method is called to validate the certificate itself.

     When CompleteChainValidation = true and the certificate is found to be not valid, certificate validation continues, i.e. issuer (CA) certificates are validated as well. This lets you create validation report which should include all certificates in the chain. When CompleteChainValidation = false and the certificate is not valid, further validation is not performed and Validate() method returns immediately.

     Since version 13 ResetCertificateCache parameter has been replaced with ResetCertificateCache class method.

See also:     ResetCertificateCache     Validate     ValidateForSSL     ValidateForTimestamping    

Discuss this help topic in SecureBlackbox Forum