Client certificate authentication
malichishti opened this issue · 4 comments
Hi,
How can i setup following configuration using M2MQTT in c#:
I'm trying to connect using client certificate and key file.
Thank you
You'll need to create a PFX file from your CA, Cert, and private key.
Easiest way is to use openssl on the command line:
openssl pkcs12 -export -out <OutputName>.pfx -inkey client.key -in client.crt -certfile mosquitto.org.cer
Be sure to set a password for the PFX when openssl prompts you.
Then in your C# code load in both the PFX and the CA Cert:
X509Certificate2 clientCert = new X509Certificate2("<OutputName>.pfx", "Password");
X509Certificate caCert = X509Certificate.CreateFromCertFile("mosquitto.org.cer");
// Then create the client referencing the certs
MqttClient client = new MqttClient(endpoint, BrokerPort, true, caCert, clientCert, MqttSslProtocols.TLSv1_2);
This should work.
thanks a lot ,I solved this problem,
and here is guide about install [openssl] for beginner
1.Download openssl then install http://slproweb.com/products/Win32OpenSSL.html ( Full version works only)
2.add installation path (/.../bin)to Environment variable.
3.open cmd then switch path to # Where certificate file is kept,
input "openssl pkcs12 -export -out ca20181030.pfx -inkey client.key -in client.crt -certfile ca.crt"
,Then Input password , done.
You'll need to create a PFX file from your CA, Cert, and private key.
@dpmcgarry Is this a requirement of M2Mqtt or windows System.Security.Cryptography.X509Certificates ?
That's a requirement of windows / System.Security.Cryptography.X509Certificates. From my experience Windows / .NET only deals with private keys using PFX bundles, not the individual pem files.