insert_smime_info
Upload S/MIME certificates to configure email encryption and digital signatures for a Gmail send-as alias, enabling secure message authentication.
Instructions
Insert (upload) the given S/MIME config for the specified send-as alias
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| sendAsEmail | Yes | The email address that appears in the 'From:' header | |
| encryptedKeyPassword | Yes | Encrypted key password | |
| pkcs12 | Yes | PKCS#12 format containing a single private/public key pair and certificate chain |
Implementation Reference
- src/index.ts:1261-1274 (registration)Registration of the 'insert_smime_info' MCP tool, defining its schema and handler. The handler authenticates via handleTool, calls the Gmail API to insert S/MIME configuration (PKCS12 certificate and password) for a send-as email address, and formats the response.server.tool("insert_smime_info", "Insert (upload) the given S/MIME config for the specified send-as alias", { sendAsEmail: z.string().describe("The email address that appears in the 'From:' header"), encryptedKeyPassword: z.string().describe("Encrypted key password"), pkcs12: z.string().describe("PKCS#12 format containing a single private/public key pair and certificate chain") }, async (params) => { return handleTool(config, async (gmail: gmail_v1.Gmail) => { const { data } = await gmail.users.settings.sendAs.smimeInfo.insert({ userId: 'me', sendAsEmail: params.sendAsEmail, requestBody: params }) return formatResponse(data) }) } )
- src/index.ts:1268-1273 (handler)Handler function for 'insert_smime_info' tool. Wraps the Gmail API call with authentication handling via handleTool and response formatting.async (params) => { return handleTool(config, async (gmail: gmail_v1.Gmail) => { const { data } = await gmail.users.settings.sendAs.smimeInfo.insert({ userId: 'me', sendAsEmail: params.sendAsEmail, requestBody: params }) return formatResponse(data) }) }
- src/index.ts:1263-1267 (schema)Input schema for 'insert_smime_info' tool using Zod: requires sendAsEmail, encryptedKeyPassword, and pkcs12 data.{ sendAsEmail: z.string().describe("The email address that appears in the 'From:' header"), encryptedKeyPassword: z.string().describe("Encrypted key password"), pkcs12: z.string().describe("PKCS#12 format containing a single private/public key pair and certificate chain") },
- src/index.ts:50-80 (helper)Shared helper function 'handleTool' used by all Gmail tools, including 'insert_smime_info', for OAuth2 authentication, client creation, API call execution, and error handling with specific auth error responses.const handleTool = async (queryConfig: Record<string, any> | undefined, apiCall: (gmail: gmail_v1.Gmail) => Promise<any>) => { try { const oauth2Client = queryConfig ? createOAuth2Client(queryConfig) : defaultOAuth2Client if (!oauth2Client) throw new Error('OAuth2 client could not be created, please check your credentials') const credentialsAreValid = await validateCredentials(oauth2Client) if (!credentialsAreValid) throw new Error('OAuth2 credentials are invalid, please re-authenticate') const gmailClient = queryConfig ? google.gmail({ version: 'v1', auth: oauth2Client }) : defaultGmailClient if (!gmailClient) throw new Error('Gmail client could not be created, please check your credentials') const result = await apiCall(gmailClient) return result } catch (error: any) { // Check for specific authentication errors if ( error.message?.includes("invalid_grant") || error.message?.includes("refresh_token") || error.message?.includes("invalid_client") || error.message?.includes("unauthorized_client") || error.code === 401 || error.code === 403 ) { return formatResponse({ error: `Authentication failed: ${error.message}. Please re-authenticate by running: npx @shinzolabs/gmail-mcp auth`, }); } return formatResponse({ error: `Tool execution failed: ${error.message}` }); } }