dotnet/MQTTnet

Question: missing documentation / sample for using Client Certificates with the new MqttClientOptionsBuilder / WithTlsOptions / WithClientCertificatesProvider

hbertsch opened this issue · 2 comments

Describe your question

I upgraded to 4.3.6.1152 coming from 4.2.1.781

Which project is your question related to?

I was using this code to attach client certificates for MQTT client authentication:

var mqttClientOptions = new MqttClientOptionsBuilder()
                .WithTcpServer(
                    connectionInfo.MqttConnectionInformation.MqttUri,
                    connectionInfo.MqttConnectionInformation.MqttPort)
                .WithClientId(connectionInfo.MqttConnectionInformation.ClientId)
                .WithTls(new MqttClientOptionsBuilderTlsParameters
                {
                    UseTls = true,
                    SslProtocol = System.Security.Authentication.SslProtocols.Tls12,
                   
                    // this is one X509Certificate2
                    Certificates = new[] { myClientCertificates },
                    CertificateValidationHandler = delegate { return true; },
                })
                .WithProtocolVersion(MQTTnet.Formatter.MqttProtocolVersion.V500)
                .Build();

This was throwing the following warnings:

warning CS0618: 'MqttClientOptionsBuilderTlsParameters' is obsolete: 'Use methods from MqttClientOptionsBuilder instead.'
warning CS0618: 'MqttClientOptionsBuilderTlsParameters.Certificates' is obsolete: 'Use CertificatesProvider instead.'
warning CS0618: 'MqttClientOptionsBuilder.WithTls(MqttClientOptionsBuilderTlsParameters)' is obsolete: 'Use WithTlsOptions(... configure) instead.'

I managed to resolve the SSL protocol and validation warnings, but I do not know how to resolve the issue with the CertificatesProvider. There is no sample or documentation (that I could find) on how to do this. Can you please help me out here?

var mqttClientOptions = new MqttClientOptionsBuilder()
                .WithTcpServer(
                    connectionInfo.MqttConnectionInformation.MqttUri,
                    connectionInfo.MqttConnectionInformation.MqttPort)
                .WithClientId(connectionInfo.MqttConnectionInformation.ClientId)
                .WithTlsOptions(opt =>
                {
                    opt.WithSslProtocols(SslProtocols.Tls12);
                    opt.WithCertificateValidationHandler(_ => true);
                    opt.WithClientCertificatesProvider(...???...);
                })
                .WithProtocolVersion(MQTTnet.Formatter.MqttProtocolVersion.V500)
                .Build();
            

Hello, have you found a solution?
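
An added example, not part of the original thread and not MQTTnet's own sample code: one way to fill the `WithClientCertificatesProvider(...)` call asked about above, by implementing `IMqttClientCertificatesProvider`, with a validation handler that checks `SslPolicyErrors` instead of returning `true`. It assumes the MQTTnet 4.3 interface exposes a single `GetCertificates()` method returning an `X509CertificateCollection` and that the validation event args expose `SslPolicyErrors`; `PfxFileCertificatesProvider`, `MqttOptionsExample` and the PFX path and password parameters are hypothetical names.

```csharp
using System;
using System.Net.Security;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using MQTTnet.Client;
using MQTTnet.Formatter;

// Hypothetical provider: re-reads the PFX on every call, so a rotated client
// certificate is picked up the next time the provider is queried.
public sealed class PfxFileCertificatesProvider : IMqttClientCertificatesProvider
{
    private readonly string _pfxPath;
    private readonly string _pfxPassword;

    public PfxFileCertificatesProvider(string pfxPath, string pfxPassword)
    {
        _pfxPath = pfxPath ?? throw new ArgumentNullException(nameof(pfxPath));
        _pfxPassword = pfxPassword;
    }

    public X509CertificateCollection GetCertificates()
    {
        var certificate = new X509Certificate2(_pfxPath, _pfxPassword);
        // Client authentication needs the private key, not only the public certificate.
        if (!certificate.HasPrivateKey)
            throw new InvalidOperationException("Client certificate has no private key.");
        return new X509CertificateCollection { certificate };
    }
}

public static class MqttOptionsExample
{
    public static MqttClientOptions Build(string host, int port, string clientId,
                                          string pfxPath, string pfxPassword)
    {
        return new MqttClientOptionsBuilder()
            .WithTcpServer(host, port)
            .WithClientId(clientId)
            .WithTlsOptions(opt =>
            {
                opt.WithSslProtocols(SslProtocols.Tls12);
                // Accept the broker only if the platform's chain and name checks passed.
                opt.WithCertificateValidationHandler(
                    args => args.SslPolicyErrors == SslPolicyErrors.None);
                opt.WithClientCertificatesProvider(
                    new PfxFileCertificatesProvider(pfxPath, pfxPassword));
            })
            .WithProtocolVersion(MqttProtocolVersion.V500)
            .Build();
    }
}
```

If the broker uses a private CA, the handler needs a chain check against that CA rather than a bare `SslPolicyErrors.None` comparison; returning `true` unconditionally leaves the client open to a man-in-the-middle presenting any certificate.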