0

We want to use C# to develop an MQTT device client which publishes events to IoT Platform on Bluemix (IoTP). Also, we want to use SSL Client certificate and token to connect. We are referring https://github.com/ibm-watson-iot/iot-csharp/blob/master/docs/CACertificate.md, however, we heard that .NET 4.5 is the only supported version for now. Since we have some applications currently running on .NET 3.5 sp1, we prefer to use it rather than upgrading those applications to .NET 4.5. We heard the reason of .NET 4.5 is because IoTP depends on TLS 1.2. If that is the case, is it possible to m2mqtt(v4.0 framwork3.5) by replacing network communication with wolfssl(c++) or something else? We confirmed we could use TLS 1.2 in this way, but it fails to connect to IoTP because SSL certificate request doesn’t come from IoTP.

In summary, is there a way to use .NET 3.5 sp1 connecting to IoTP with using SSL Client certificate and token? Any comments or suggestions must be appreciated. Thanks.

amadain
  • 2,724
  • 4
  • 37
  • 58
Kohji
  • 25
  • 3
  • 1
    It is true IoTP requires TLS1.2+; anything less is not secure. Don't understand your workaround/issue with it. Might be good to add your code and error you get. Please also see https://stackoverflow.com/questions/43240611/net-framework-3-5-and-tls-1-2 – amadain Nov 27 '17 at 09:20
  • Thank you for the reply. I forgot to mention that we saw CONN_REFUSED_NOT_AUTHORIZED when we tried to connect from C# .NET 3.5 sp1 to IoTP. We confirm our C# itself can communicate in TLS 1.2, however, it fails when we connect to IoTP. Currently we are digging into it. If there is any finding or if we can share sample code , I will post here. Thanks. – Kohji Nov 28 '17 at 10:58
  • With security it can be tricky as errors are necessarily generic - but you could log a ticket if you can't progress and someone could look in the server's logs for you; see if anything more useful for debugging. – amadain Nov 28 '17 at 11:27
  • We managed to get C# worked on .NET 3.5 sp1 + TLS1.2 like a) Enable TLS 1.2 on .NET 3.5 sp1 by following https://support.microsoft.com/en-us/help/3154518/support-for-tls-system-default-versions-included-in-the--net-framework. b) Build M2Mqtt.Net.DLL with using PAHO M2Mqtt (https://github.com/eclipse/paho.mqtt.m2mqtt). c) Use the DLL in ClientCA_Authentication sample. Thank you for the comment which gave us a lot of insight. – Kohji Nov 29 '17 at 03:29

0 Answers0