SSL/TLS support about mqttnet HOT 12 CLOSED

Hi,
I assume you require this for MQTTClient only or for MQTTServer as well?

This feature is actually not on the list but I agree that this is very useful.
Do you want to add it and create a pull request?

If not I will put this on my list but I assume it will require some time to complete.

Best regards
Christian

from mqttnet.

I personally require it only for the MQTTClient, but it would be prudent to add the feature to the MQTTServer as well.

I can take a look at the code and see whether I can add it, and I'll let you know.

Cheers,
PdM

from mqttnet.

OK perfect, then let me know 👍

from mqttnet.

I've gone ahead and added the SSL support and created a pull request for your perusal.

Cheers!
PdM

from mqttnet.

Hi,
I reviewed the changes. Good work!
I will take care of the Universal-Framework changes when it is merged.

Best regards
Christian

from mqttnet.

Hi,
I added the UniversalWindows part and refactored some parts. Can you tell me if the state from the develop-branch works for you? If it works I will release version 2.1.3 soon.

Best regards
Christian

from mqttnet.

Looks good! Should work well enough.

I don't see where in MqttServerAdapter.cs where _sslCertificate is consumed. I am not familiar enough with the Universal Windows framework to know exactly what the process is, but from what I can gather for the client side:

var socket = new StreamSocket();
Windows.Security.Cryptography.Certificates.Certificate cert = ...;
socket.Control.ClientCertificate = certificate;
await socket.ConnectAsync(dest, SocketProtectionLevel.Tls12);

Perhaps there is a similar method for StreamSocketListener?

Edit: From what I can gather, Windows Universal does not support server-side SSL... curious. Perhaps it's best to throw an exception if options.SslEndpointOptions.IsEnabled is true in MqttServerAdapter.

from mqttnet.

Ah yes I forgot to say that I will test if this is supported. At the moment only the Client side is completed for all frameworks.

Where did you read that it is not supported?

from mqttnet.

Ah, perfect then.

The not supported part can be found on the docs: The UpgradeToSslAsync method only implements the client parts of the SSL protocol negotiation, not the server parts that would be needed to listen for and accept SSL connections.

from mqttnet.

Mhh this is confusing because the StreamSocketListener has a parameter which accepts TLS when binding to a port etc!? But I found no way to set the certificate.

So I assume you area right and I need to throw a "NotSupportedException" there. Stupid UWP! I found some blog articles about that. No HTTP server, no SSL support. And this is an IoT platform!?

from mqttnet.

Aye, I don't know. Microsoft seriously dropped the ball on the serverside here.

The best course of action is to throw a NotSupportedException explaining why the feature isn't in UWP, then send a letter to Microsoft requesting proper SSL support.

C'est la vie.

from mqttnet.

You are right. I added a NotSupportedException... I will release a new nuget-package soon. Thanks for your support.

from mqttnet.