0

Hi I am using M2Mqtt C# library and I want to connect to the hive MQ broker via security. Hive MQ is ssl enabled, I edited the config.xml to use the java Key store(.jks) for enabling ssl.

I am using self signed certificates. I have got certificates from my organization, from which I have generated java key store.

ClientLocal = new MqttClient(IPAddress.Parse("127.0.0.1"), 8883,
                             true, new X509Certificate(@"C:\Users\310208195\root.crt")
                             , new X509Certificate(@"C:\Users\310208195\root.crt")
                              MqttSslProtocols.TLSv1_2);


 public MqttClient(IPAddress brokerIpAddress, int brokerPort, bool secure, X509Certificate caCert, X509Certificate clientCert, MqttSslProtocols sslProtocol);

this is library which requires the following parameters.

I have the root.crt which I am passing for CA.crt while connecting. what should I upload for Client certificate and is the .crt format correct for X509 format.

//so after some try I got the below 

ClientLocal = new MqttClient(IPAddress.Parse("127.0.0.1"), 8883, false, new X509Certificate(@"C:\Users\310208195\Documents\root.crt"), new X509Certificate2(), MqttSslProtocols.TLSv1_2);

I have left blank but I get exception connecting to broker. "The remote certificate is invalid according to the validation procedure."}

this is mqtt code

public void Initialize()
{
Client_ID = Guid.NewGuid().ToString();
//ClientLocal.ProtocolVersion = MqttProtocolVersion.Version_3_1;
ClientLocal = new MqttClient(“127.0.0.1”, 8883, true, new X509Certificate(Resources.root), MqttSslProtocols.TLSv1_2); ///root.crt is the certificate
//ClientLocal.Connect(Client_ID, “admin”, “admin”, false, MqttMsgBase.QOS_LEVEL_EXACTLY_ONCE,
// true, “drlastwill”, “hey, it’s me DR-service app,please restart me!”, true, 60);
ClientLocal.Connect(Client_ID, “admin”, “admin”);
MessageBox.Show(“Connection has been established succesully “);
ushort byt = ClientLocal.Subscribe(new string[] { “event” }, new byte[] { MqttMsgBase.QOS_LEVEL_EXACTLY_ONCE }); // QOS -2
ushort byt2 = ClientLocal.Subscribe(new string[] { “report” }, new byte[] { MqttMsgBase.QOS_LEVEL_AT_LEAST_ONCE });
ClientLocal.MqttMsgSubscribed += Client_MqttMsgSubscribed;
// ClientLocal.MqttMsgPublishReceived += Client_MqttMsgPublishReceived;
}
hardillb
  • 54,545
  • 11
  • 67
  • 105
Anil Gadiyar
  • 399
  • 1
  • 2
  • 16
  • It depends what type of SSL connection you are trying to create. 1. Just a normal secure connection (confirming the identity of the broker) or 2. a mutually authenticated connection (confirming the identity of both the client and the broker) – hardillb Oct 11 '17 at 09:35
  • @hardillb Just a normal secure connection confirming the identity of the broker is what we are trying. for this kind of communication should we pass client cert ? if not how should I call this method. – Anil Gadiyar Oct 11 '17 at 09:49
  • No, there should be no client cert needed. I don't use M2mqtt but it probably should be left blank/null – hardillb Oct 11 '17 at 09:50
  • 2
    Edit the question, do not try to add technical detail in comments. include the updated code and the error so somebody else may be able to help – hardillb Oct 11 '17 at 09:59

0 Answers0