Client certificate authentication

[malichishti]

Hi,

How can i setup following configuration using M2MQTT in c#: I'm trying to connect using client certificate and key file.

Thank you

[dpmcgarry]

You'll need to create a PFX file from your CA, Cert, and private key. Easiest way is to use openssl on the command line: openssl pkcs12 -export -out <OutputName>.pfx -inkey client.key -in client.crt -certfile mosquitto.org.cer Be sure to set a password for the PFX when openssl prompts you. Then in your C# code load in both the PFX and the CA Cert:

X509Certificate2 clientCert = new X509Certificate2("<OutputName>.pfx", "Password");
X509Certificate caCert = X509Certificate.CreateFromCertFile("mosquitto.org.cer");
// Then create the client referencing the certs
MqttClient client = new MqttClient(endpoint, BrokerPort, true, caCert, clientCert, MqttSslProtocols.TLSv1_2);

This should work.

[kate6590]

thanks a lot ,I solved this problem,

and here is guide about install [openssl] for beginner 1.Download openssl then install http://slproweb.com/products/Win32OpenSSL.html ( Full version works only) 2.add installation path (/.../bin)to Environment variable. 3.open cmd then switch path to # Where certificate file is kept, input "openssl pkcs12 -export -out ca20181030.pfx -inkey client.key -in client.crt -certfile ca.crt" ,Then Input password , done.

[jhalbrecht]

You'll need to create a PFX file from your CA, Cert, and private key.

@dpmcgarry Is this a requirement of M2Mqtt or windows System.Security.Cryptography.X509Certificates ?

[dpmcgarry]

That's a requirement of windows / System.Security.Cryptography.X509Certificates. From my experience Windows / .NET only deals with private keys using PFX bundles, not the individual pem files.