Findings about using certificates and Tls in server. #124
Comments
|
Hi, |
|
GOT IT! did the trick |
|
I will repeat the steps in a few days and also update the Wiki. |
|
You can also export as Pfx, but you must set the exportable flag when loading the certificate, like so: var cert = new X509Certificate2("C:\...\certificate.pfx", "pass", X509KeyStorageFlags.Exportable);
var newCert = new X509Certificate2(cert.Export(X509ContentType.Pfx));
var hasPrivateKey = newCert.HasPrivateKey; //true |
|
cvellan great, thank you, its working also on arm linux ( core 2.0) and your solution was only working. |
|
Cannot use TLS on mobile devices using Xamarin. X509ContentType.SerializedCert is not available. However, using desktop or server windows it works and connects to MQTT Mosquito broker. Example: |
|
Re: Cannot use TLS on mobile devices using Xamarin. X509ContentType.SerializedCert is not available: Error at Mono.Btls.X509CertificateImplBtls.Export (System.Security.Cryptography.X509Certificates.X509ContentType contentType, System.Byte[] password) [0x00029] in <3e9b3e26c4694baab3f689687ad40612>:0 |
how you explain a example of code off how connect by TLS?? |
|
certificate.Export(X509ContentType.SerializedCert is not enabled in Xamarin only on working in windows environment (e.g. server)
From: inforaudio <[email protected]>
To: chkr1011/MQTTnet <[email protected]>
Cc: AlbertTester <[email protected]>, Comment <[email protected]>
Sent: 3/13/2019 7:13 PM
Subject: Re: [chkr1011/MQTTnet] Findings about using certificates and Tls in server. (#124)
GOT IT!
certificate.Export(X509ContentType.SerializedCert)
did the trick
so for now I would wait some time if somebody will be able reproduce this steps and confirm that behavior.
Now tls server is running ... I will make some testing.
how you explain a example of code off how connect by TLS??
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
ok. Thanks . So much Thanks. |
|
I dont understand your last message. |
How you got a simple and complete example using certificate files? |
|
Other Question. |
|
This is already in the wiki by now. https://github.com/chkr1011/MQTTnet/wiki/Server#using-a-certificate. Maybe I will extend this a bit. |
I have spent some time trying to run tls encrypted communication on server side mqtt server.
I will try to get together some findings, that may help somebody to success.
1.) tls need certificate with private key, right, and mqtt server internals will check if this is true and if not ...you are out of luck. So I generated certificate with makecert with options from wiki. but tls failed to start because X509Certificate2.HasPrivateKey is false for that certificate.
2.) Finally I was able to get this property to "true" with following steps:
now result is :
string certPath = @"D:\xxx\SecureServer\cert.pfx";
X509Certificate2 certificate = new X509Certificate2(certPath, "ccc");
Console.WriteLine(certificate.HasPrivateKey); //true
next challenge is get to work this:
string certPath = @"D:\xxx\SecureServer\cert.pfx";
X509Certificate2 certificate = new X509Certificate2(certPath, "ccc");
Console.WriteLine(certificate.HasPrivateKey); //result is TRUE
X509Certificate2 cert2 = new X509Certificate2(certificate.Export(X509ContentType.Cert));
Console.WriteLine(cert2.HasPrivateKey); //result is FALSE
this is more-or-less replication of steps what are used when certificate is used in mqttserver with tls options.
I am investigating further.
The text was updated successfully, but these errors were encountered: