@@ -52,7 +52,11 @@ namespace MQTTnet.TestApp.NetCore | |||||
if (channelOptions.TlsOptions.UseTls) | if (channelOptions.TlsOptions.UseTls) | ||||
{ | { | ||||
uri = "wss://" + channelOptions.Uri; | uri = "wss://" + channelOptions.Uri; | ||||
#if NETCOREAPP3_0 || NET5_0 | |||||
sslProtocols = SslProtocols.Tls13; | |||||
#else | |||||
sslProtocols = SslProtocols.Tls12; | sslProtocols = SslProtocols.Tls12; | ||||
#endif | |||||
} | } | ||||
var subProtocol = channelOptions.SubProtocols.FirstOrDefault() ?? string.Empty; | var subProtocol = channelOptions.SubProtocols.FirstOrDefault() ?? string.Empty; | ||||
@@ -212,9 +212,15 @@ namespace MQTTnet.Server.Mqtt | |||||
// Configure encrypted connections | // Configure encrypted connections | ||||
if (_settings.EncryptedTcpEndPoint.Enabled) | if (_settings.EncryptedTcpEndPoint.Enabled) | ||||
{ | { | ||||
#if NETCOREAPP3_0 || NET5_0 | |||||
options | |||||
.WithEncryptedEndpoint() | |||||
.WithEncryptionSslProtocol(SslProtocols.Tls13); | |||||
#else | |||||
options | options | ||||
.WithEncryptedEndpoint() | .WithEncryptedEndpoint() | ||||
.WithEncryptionSslProtocol(SslProtocols.Tls12); | .WithEncryptionSslProtocol(SslProtocols.Tls12); | ||||
#endif | |||||
if (!string.IsNullOrEmpty(_settings.EncryptedTcpEndPoint?.Certificate?.Path)) | if (!string.IsNullOrEmpty(_settings.EncryptedTcpEndPoint?.Certificate?.Path)) | ||||
{ | { | ||||
@@ -19,7 +19,11 @@ namespace MQTTnet.Client.Options | |||||
public Func<MqttClientCertificateValidationCallbackContext, bool> CertificateValidationHandler { get; set; } | public Func<MqttClientCertificateValidationCallbackContext, bool> CertificateValidationHandler { get; set; } | ||||
#if NETCOREAPP3_0 || NET5_0 | |||||
public SslProtocols SslProtocol { get; set; } = SslProtocols.Tls13; | |||||
#else | |||||
public SslProtocols SslProtocol { get; set; } = SslProtocols.Tls12; | public SslProtocols SslProtocol { get; set; } = SslProtocols.Tls12; | ||||
#endif | |||||
#if WINDOWS_UWP | #if WINDOWS_UWP | ||||
public IEnumerable<IEnumerable<byte>> Certificates { get; set; } | public IEnumerable<IEnumerable<byte>> Certificates { get; set; } | ||||
@@ -26,7 +26,11 @@ namespace MQTTnet.Client.Options | |||||
public List<SslApplicationProtocol> ApplicationProtocols { get; set; } | public List<SslApplicationProtocol> ApplicationProtocols { get; set; } | ||||
#endif | #endif | ||||
#if NETCOREAPP3_0 || NET5_0 | |||||
public SslProtocols SslProtocol { get; set; } = SslProtocols.Tls13; | |||||
#else | |||||
public SslProtocols SslProtocol { get; set; } = SslProtocols.Tls12; | public SslProtocols SslProtocol { get; set; } = SslProtocols.Tls12; | ||||
#endif | |||||
[Obsolete("This property will be removed soon. Use CertificateValidationHandler instead.")] | [Obsolete("This property will be removed soon. Use CertificateValidationHandler instead.")] | ||||
public Func<X509Certificate, X509Chain, SslPolicyErrors, IMqttClientOptions, bool> CertificateValidationCallback { get; set; } | public Func<X509Certificate, X509Chain, SslPolicyErrors, IMqttClientOptions, bool> CertificateValidationCallback { get; set; } | ||||
@@ -39,7 +39,11 @@ namespace MQTTnet.Implementations | |||||
CreateStreams(); | CreateStreams(); | ||||
#if NETCOREAPP3_0 || NET5_0 | |||||
IsSecureConnection = socket.Information.ProtectionLevel >= SocketProtectionLevel.Tls13; | |||||
#else | |||||
IsSecureConnection = socket.Information.ProtectionLevel >= SocketProtectionLevel.Tls12; | IsSecureConnection = socket.Information.ProtectionLevel >= SocketProtectionLevel.Tls12; | ||||
#endif | |||||
ClientCertificate = clientCertificate; | ClientCertificate = clientCertificate; | ||||
Endpoint = _socket.Information.RemoteAddress + ":" + _socket.Information.RemotePort; | Endpoint = _socket.Information.RemoteAddress + ":" + _socket.Information.RemotePort; | ||||
@@ -75,11 +79,23 @@ namespace MQTTnet.Implementations | |||||
_socket.Control.IgnorableServerCertificateErrors.Add(ignorableChainValidationResult); | _socket.Control.IgnorableServerCertificateErrors.Add(ignorableChainValidationResult); | ||||
} | } | ||||
#if NETCOREAPP3_0 || NET5_0 | |||||
var socketProtectionLevel = SocketProtectionLevel.Tls13; | |||||
if (_options.TlsOptions.SslProtocol == SslProtocols.Tls12) | |||||
{ | |||||
socketProtectionLevel = SocketProtectionLevel.Tls12; | |||||
} | |||||
else if (_options.TlsOptions.SslProtocol == SslProtocols.Tls11) | |||||
{ | |||||
socketProtectionLevel = SocketProtectionLevel.Tls11; | |||||
} | |||||
#else | |||||
var socketProtectionLevel = SocketProtectionLevel.Tls12; | var socketProtectionLevel = SocketProtectionLevel.Tls12; | ||||
if (_options.TlsOptions.SslProtocol == SslProtocols.Tls11) | if (_options.TlsOptions.SslProtocol == SslProtocols.Tls11) | ||||
{ | { | ||||
socketProtectionLevel = SocketProtectionLevel.Tls11; | socketProtectionLevel = SocketProtectionLevel.Tls11; | ||||
} | } | ||||
#endif | |||||
else if (_options.TlsOptions.SslProtocol == SslProtocols.Tls) | else if (_options.TlsOptions.SslProtocol == SslProtocols.Tls) | ||||
{ | { | ||||
socketProtectionLevel = SocketProtectionLevel.Tls10; | socketProtectionLevel = SocketProtectionLevel.Tls10; | ||||