bool InternalUserCertificateValidationCallback(object sender, X509Certificate x509Certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { var certificateValidationHandler = _tcpOptions?.TlsOptions?.CertificateValidationHandler; if (certificateValidationHandler != null) { var eventArgs = new MqttClientCertificateValidationEventArgs { Certificate = x509Certificate, Chain = chain, SslPolicyErrors = sslPolicyErrors, ClientOptions = _tcpOptions }; return(certificateValidationHandler(eventArgs)); } return(sslPolicyErrors == SslPolicyErrors.None); }
void SetupClientWebSocket(ClientWebSocket clientWebSocket) { if (_options.ProxyOptions != null) { clientWebSocket.Options.Proxy = CreateProxy(); } if (_options.RequestHeaders != null) { foreach (var requestHeader in _options.RequestHeaders) { clientWebSocket.Options.SetRequestHeader(requestHeader.Key, requestHeader.Value); } } if (_options.SubProtocols != null) { foreach (var subProtocol in _options.SubProtocols) { clientWebSocket.Options.AddSubProtocol(subProtocol); } } if (_options.CookieContainer != null) { clientWebSocket.Options.Cookies = _options.CookieContainer; } if (_options.TlsOptions?.UseTls == true && _options.TlsOptions?.Certificates != null) { clientWebSocket.Options.ClientCertificates = new X509CertificateCollection(); foreach (var certificate in _options.TlsOptions.Certificates) { #if WINDOWS_UWP clientWebSocket.Options.ClientCertificates.Add(new X509Certificate(certificate)); #else clientWebSocket.Options.ClientCertificates.Add(certificate); #endif } } var certificateValidationHandler = _options.TlsOptions?.CertificateValidationHandler; if (certificateValidationHandler != null) { #if NETSTANDARD1_3 throw new NotSupportedException("Remote certificate validation callback is not supported when using 'netstandard1.3'."); #elif NETSTANDARD2_0 throw new NotSupportedException("Remote certificate validation callback is not supported when using 'netstandard2.0'."); #elif WINDOWS_UWP throw new NotSupportedException("Remote certificate validation callback is not supported when using 'uap10.0'."); #elif NET452 throw new NotSupportedException("Remote certificate validation callback is not supported when using 'net452'."); #elif NET461 throw new NotSupportedException("Remote certificate validation callback is not supported when using 'net461'."); #else clientWebSocket.Options.RemoteCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { // TODO: Find a way to add client options to same callback. Problem is that they have a different type. var context = new MqttClientCertificateValidationEventArgs { Certificate = certificate, Chain = chain, SslPolicyErrors = sslPolicyErrors, ClientOptions = _options }; return(certificateValidationHandler(context)); }; #endif } }