Client certificate authentication

[malichishti]

Hi,

How can i setup following configuration using M2MQTT in c#:

I'm trying to connect using client certificate and key file.

Thank you

[dpmcgarry]

You'll need to create a PFX file from your CA, Cert, and private key.
Easiest way is to use openssl on the command line:
openssl pkcs12 -export -out <OutputName>.pfx -inkey client.key -in client.crt -certfile mosquitto.org.cer
Be sure to set a password for the PFX when openssl prompts you.
Then in your C# code load in both the PFX and the CA Cert:

X509Certificate2 clientCert = new X509Certificate2("<OutputName>.pfx", "Password");
X509Certificate caCert = X509Certificate.CreateFromCertFile("mosquitto.org.cer");
// Then create the client referencing the certs
MqttClient client = new MqttClient(endpoint, BrokerPort, true, caCert, clientCert, MqttSslProtocols.TLSv1_2);

This should work.

[kate6590]

thanks a lot ,I solved this problem,

and here is guide about install [openssl] for beginner
1.Download openssl then install http://slproweb.com/products/Win32OpenSSL.html ( Full version works only)
2.add installation path (/.../bin)to Environment variable.
3.open cmd then switch path to # Where certificate file is kept,
input "openssl pkcs12 -export -out ca20181030.pfx -inkey client.key -in client.crt -certfile ca.crt"
,Then Input password , done.

[jhalbrecht]

You'll need to create a PFX file from your CA, Cert, and private key.

@dpmcgarry Is this a requirement of M2Mqtt or windows System.Security.Cryptography.X509Certificates ?

[dpmcgarry]

That's a requirement of windows / System.Security.Cryptography.X509Certificates. From my experience Windows / .NET only deals with private keys using PFX bundles, not the individual pem files.