From b09f31d654a4cb1201e4736ff9113f8c112459d5 Mon Sep 17 00:00:00 2001 From: Christian Kratky Date: Tue, 13 Aug 2019 20:07:10 +0200 Subject: [PATCH] Fix TCP server adpater when using empty password. --- .../Implementations/MqttTcpServerAdapter.cs | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/Source/MQTTnet/Implementations/MqttTcpServerAdapter.cs b/Source/MQTTnet/Implementations/MqttTcpServerAdapter.cs index e3dcab8..d7f4e6f 100644 --- a/Source/MQTTnet/Implementations/MqttTcpServerAdapter.cs +++ b/Source/MQTTnet/Implementations/MqttTcpServerAdapter.cs @@ -41,14 +41,24 @@ namespace MQTTnet.Implementations RegisterListeners(options.DefaultEndpointOptions, null, _cancellationTokenSource.Token); } - if (options.TlsEndpointOptions.IsEnabled) + if (options.TlsEndpointOptions?.IsEnabled == true) { if (options.TlsEndpointOptions.Certificate == null) { throw new ArgumentException("TLS certificate is not set."); } - var tlsCertificate = new X509Certificate2(options.TlsEndpointOptions.Certificate, options.TlsEndpointOptions.CertificateCredentials.Password); + X509Certificate2 tlsCertificate; + if (string.IsNullOrEmpty(options.TlsEndpointOptions.CertificateCredentials?.Password)) + { + // Use a different overload when no password is specified. Otherwise the constructor will fail. + tlsCertificate = new X509Certificate2(options.TlsEndpointOptions.Certificate); + } + else + { + tlsCertificate = new X509Certificate2(options.TlsEndpointOptions.Certificate, options.TlsEndpointOptions.CertificateCredentials.Password); + } + if (!tlsCertificate.HasPrivateKey) { throw new InvalidOperationException("The certificate for TLS encryption must contain the private key.");