Merge pull request #729 from cslutgen/clientcerts

Add Server certificate password and client certificate builders

Source/MQTTnet/Client/Options/MqttClientOptionsBuilder.cs

@@ -139,6 +139,13 @@ namespace MQTTnet.Client.Options
             return this;
         }
 
+        public MqttClientOptionsBuilder WithCredentials(IMqttClientCredentials credentials)
+        {
+            _options.Credentials = credentials;
+
+            return this;
+        }
+
         public MqttClientOptionsBuilder WithExtendedAuthenticationExchangeHandler(IMqttExtendedAuthenticationExchangeHandler handler)
         {
             _options.ExtendedAuthenticationExchangeHandler = handler;

Source/MQTTnet/Implementations/MqttTcpServerAdapter.cs

@@ -48,7 +48,7 @@ namespace MQTTnet.Implementations
                     throw new ArgumentException("TLS certificate is not set.");
                 }
 
-                var tlsCertificate = new X509Certificate2(options.TlsEndpointOptions.Certificate);
+                var tlsCertificate = new X509Certificate2(options.TlsEndpointOptions.Certificate, options.TlsEndpointOptions.CertificateCredentials.Password);
                 if (!tlsCertificate.HasPrivateKey)
                 {
                     throw new InvalidOperationException("The certificate for TLS encryption must contain the private key.");

Source/MQTTnet/Server/IMqttServerCredentials.cs

@@ -0,0 +1,6 @@
+using System;
+
+public interface IMqttServerCredentials
+{
+    String Password { get; }
+}

Source/MQTTnet/Server/MqttServerOptionsBuilder.cs

@@ -82,9 +82,10 @@ namespace MQTTnet.Server
             return this;
         }
 
-        public MqttServerOptionsBuilder WithEncryptionCertificate(byte[] value)
+        public MqttServerOptionsBuilder WithEncryptionCertificate(byte[] value, IMqttServerCredentials credentials = null)
         {
             _options.TlsEndpointOptions.Certificate = value;
+            _options.TlsEndpointOptions.CertificateCredentials = credentials;
             return this;
         }
 
@@ -94,6 +95,16 @@ namespace MQTTnet.Server
             return this;
         }
 
+#if !WINDOWS_UWP
+        public MqttServerOptionsBuilder WithClientCertificate(RemoteCertificateValidationCallback validationCallback = null, bool checkCertificateRevocation = false)
+        {
+            _options.TlsEndpointOptions.ClientCertificateRequired = true;
+            _options.TlsEndpointOptions.CheckCertificateRevocation = checkCertificateRevocation;
+            _options.TlsEndpointOptions.RemoteCertificateValidationCallback = validationCallback;
+            return this;
+        }
+#endif
+
         public MqttServerOptionsBuilder WithoutEncryptedEndpoint()
         {
             _options.TlsEndpointOptions.IsEnabled = false;
@@ -107,7 +118,7 @@ namespace MQTTnet.Server
             return this;
         }
 #endif
-
+        
         public MqttServerOptionsBuilder WithStorage(IMqttServerStorage value)
         {
             _options.Storage = value;

Source/MQTTnet/Server/MqttServerTlsTcpEndpointOptions.cs

@@ -12,6 +12,8 @@ namespace MQTTnet.Server
 
         public byte[] Certificate { get; set; }
 
+        public IMqttServerCredentials CertificateCredentials { get; set; }
+
         public bool ClientCertificateRequired { get; set; }
 
         public bool CheckCertificateRevocation { get; set; }