Comments (6)
Hi,
yes I know that global solution from regular .NET framework.
In general there is a dedicated object for Tls options for this in the MQTT client.
In my opinion there should be a new boolean value which allows ignoring self signed certificates. Something similar is already there for revoked certificates. Maybe this can be reused or already works for your case!?
Then the implementations should inspect the options and add a handler in the SslStream etc. so that there is no new factory required and the user can set it with a simple option.
What do you think about this solution?
Best regards
Christian
from mqttnet.
I don't think a simple Boolean property would be sufficient. There isn't a specific property on a Self-Signed cert identifying it as such. A Func<,,,>
matching the signature of the delegate could be exposed as a property. This would allow the developer full control over what certificates to accept/reject.
I think something alone these lines would work for my specific use case. I guess what I was also trying to resolve is the need to always have a property for each setting that should be mapped back. At some point if the needed functionality deviates from the standard design the developer would be better off constructing the SSL stream externally.
The public MqttTcpChannel(Socket socket, SslStream sslStream)
signature indicates this is possible, alas the SslStream
property is always overwritten by an internal call during ConnectAsync(), making it unsuitable for Client communications.
from mqttnet.
I agree but the Func you mentioned must be sufficient for all frameworks. I saw that core has different properties than the classic .NET stuff. If you provide such a function the implementation must map this function to the used stream which might be not possible because UWP don't has this function. It only has several enum which are describing what certificate status can be ignored. So a Func will not make sense in my opinion. A boolean is easier for that. What do you think about this?
Best regards
Christian
from mqttnet.
Please have a look at the develop branch. I added several TLS options regarding certificate validation. Please let me know if this fits your needs.
from mqttnet.
Looks like it should work fine for my needs. I will take the updated package a run a few tests.
from mqttnet.
I also added a callback mechanism for dealing with complex certificate validations. It is described in the wiki. I will close this ticket. Please let me know it you need more features to deal with certificates.
Best regards
Christian
from mqttnet.
Related Issues (20)
- Gg HOT 1
- Triggering continues disconnection in MQTT server HOT 1
- Security alerts on MQTTnet.AspNetCore HOT 1
- First connection attempt of ManagedClient is always failing
- Auto-reconnect documenation and samples are a bit confusing
- 订阅高并发topic场景会存在内存泄漏 HOT 4
- 客户端收到的消息不是最新的 The message received by the client is not the latest HOT 3
- I am trying MQTTNet managed client in of my POC but its very slow.
- ManagedMqttClient.SubscribeAsync does not handle or inform about subscription errors HOT 1
- Connection timeout error due to high latency on the network
- Invert conditions in aspnet package csproj
- Cannot Connect Server on Android/MAUI Blazor Project
- Maximum message / s throughput for a single subscriber can't stay above 10000 m/s HOT 5
- Flaky exceptions for oversized messages HOT 1
- Intercepting Publish on server does not return the correct status code to the client HOT 3
- Retained Messages limited to 250 HOT 1
- MqttServer.StartAsync Unable to actually start the listening port HOT 5
- MqttClient Publish a message when you are inside the `InterceptingPublishAsync` result to an Error when the Client Publish a QoS 1
- MqttServer messages send get lost while client is subscribing HOT 2
- Unable to use certificate in Ubuntu (TLS1.2) HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mqttnet.