Mqtt cert via appsettings

Martijn Scheepers
2025-03-05 09:56:28 +01:00
parent c8cf2f9c2f
commit 6f0040864f
7 changed files with 32 additions and 20 deletions


@@ -1,4 +1,6 @@
namespace UCS_Status_Monitor.MQTT
using System.Security.Cryptography.X509Certificates;
namespace UCS_Status_Monitor.MQTT
{
public class MQTTConfig
{
@@ -7,5 +9,9 @@
public int BrokerPort { get; set; }
public string Username { get; set; }
public string Password { get; set; }
public string CaCert { get; set; }
public string ClientCert { get; set; }
public string ClientCertPassword { get; set; }
}
}
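Review bot: The new properties `CaCert`, `ClientCert` and `ClientCertPassword` are undocumented, and nothing in the visible class says which are file paths and which is a secret. I would add XML doc comments, e.g. `/// <summary>Path to the CA certificate used as the custom trust root for the broker.</summary>` on `CaCert`. `ClientCert` should get a matching comment stating it is a PKCS#12 file path, and `ClientCertPassword` one marking it as a secret that must not be logged. The added `using System.Security.Cryptography.X509Certificates;` is not used by any line shown in this file and can probably be dropped. The class body between the two hunks is not visible here.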


@@ -31,6 +31,8 @@ namespace UCS_Status_Monitor.MQTT
private readonly MonitorHandler _monitorHandler;
private readonly IDbContextFactory<MonitorDbContext> _contextFactory;
private readonly IConfiguration _configuration;
private readonly X509Certificate2 _caCrt;
private readonly X509Certificate2 _clientCert;
public MQTTService(IServiceProvider serviceProvider)
{
@@ -41,8 +43,10 @@ namespace UCS_Status_Monitor.MQTT
_monitorHandler = scope.ServiceProvider.GetRequiredService<MonitorHandler>();
_contextFactory = scope.ServiceProvider.GetRequiredService<IDbContextFactory<MonitorDbContext>>();
_configuration = scope.ServiceProvider.GetRequiredService<IConfiguration>();
}
_caCrt = X509CertificateLoader.LoadCertificateFromFile(_mqttconfig.CaCert);
_clientCert = X509CertificateLoader.LoadPkcs12FromFile(_mqttconfig.ClientCert, _mqttconfig.ClientCertPassword);
}
[LoggerMessage(Level = LogLevel.Error, Message = "{message}")]
public partial void LogError(string message);
@@ -51,9 +55,6 @@ namespace UCS_Status_Monitor.MQTT
public partial void LogError(Exception ex, string message);
private readonly X509Certificate2 caCrt = X509CertificateLoader.LoadCertificateFromFile(@"Certs\\ca.crt");
private readonly X509Certificate2 clientCert2 = X509CertificateLoader.LoadPkcs12FromFile("Certs\\server.pfx", "12345");
protected override async Task ExecuteAsync(CancellationToken stoppingToken)
{
try
@@ -66,11 +67,6 @@ namespace UCS_Status_Monitor.MQTT
.WithTcpServer(_mqttconfig.BrokerAddress, _mqttconfig.BrokerPort)
.WithCredentials(_mqttconfig.Username, _mqttconfig.Password)
.WithTlsOptions(new MqttClientTlsOptions()
{
UseTls = true,
SslProtocol = System.Security.Authentication.SslProtocols.Tls12,
})
.WithTlsOptions(new MqttClientTlsOptions()
{
UseTls = true,
SslProtocol = System.Security.Authentication.SslProtocols.Tls12,
@@ -82,14 +78,14 @@ namespace UCS_Status_Monitor.MQTT
chain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;
chain.ChainPolicy.VerificationTime = DateTime.Now;
chain.ChainPolicy.UrlRetrievalTimeout = new TimeSpan(0, 0, 0);
chain.ChainPolicy.CustomTrustStore.Add(caCrt);
chain.ChainPolicy.CustomTrustStore.Add(_caCrt);
chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
// convert provided X509Certificate to X509Certificate2
var x5092 = new X509Certificate2(certContext.Certificate);
return chain.Build(x5092);
},
ClientCertificatesProvider = new ClientCertProvider(clientCert2)
ClientCertificatesProvider = new ClientCertProvider(_clientCert)
//ClientCertificatesProvider = new DefaultMqttCertificatesProvider(new List<X509Certificate>() { clientCert2 })
})
//.WithProtocolVersion(MQTTnet.Formatter.MqttProtocolVersion.V500)
@@ -214,7 +210,7 @@ namespace UCS_Status_Monitor.MQTT
if (args.ApplicationMessage.Topic.EndsWith("/event/connection"))
{
Debug.WriteLine("Connection");
//Debug.WriteLine("Connection");
AxisCamConnectionMessage? axisCamMessage = MQTTDeviceMessage.Deserialize<AxisCamConnectionMessage>(Encoding.UTF8.GetString(args.ApplicationMessage.Payload), device, location);
@@ -240,7 +236,7 @@ namespace UCS_Status_Monitor.MQTT
//else if (args.ApplicationMessage.Topic.EndsWith("/status"))
else
{
Debug.WriteLine("Status");
//Debug.WriteLine("Status");
AxisCamStatusMessage? axisCamStatusMessage = MQTTDeviceMessage.Deserialize<AxisCamStatusMessage>(Encoding.UTF8.GetString(args.ApplicationMessage.Payload), device, location);
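Review bot: The two `X509CertificateLoader` calls added at the end of the constructor pass `_mqttconfig.CaCert` and `_mqttconfig.ClientCert` straight through, so a missing configuration key, or a relative path resolved against an unexpected working directory, fails as a raw exception while the service is being constructed. A guard such as `ArgumentException.ThrowIfNullOrWhiteSpace(_mqttconfig.CaCert);` and resolving with `Path.Combine(AppContext.BaseDirectory, _mqttconfig.CaCert)` would make the failure explicit; the same applies to `ClientCert`. In the `@@ -82,14 +78,14 @@` hunk the validation callback returns only `chain.Build(x5092)`. Its beginning is outside the hunk, but if it does not also reject `SslPolicyErrors.RemoteCertificateNameMismatch`, any certificate issued by the configured CA is accepted regardless of the broker host name. The new `X509Certificate2` fields and the `x5092` copy are also never disposed in the lines shown.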


@@ -40,7 +40,7 @@ namespace UCS_Status_Monitor.Monitor
public override async Task Update(AxisCamConnectionMessage message, MonitorDbContext db, CancellationToken token = default)
{
Debug.WriteLine("Update connection axis cam");
//Debug.WriteLine("Update connection axis cam");
ArgumentNullException.ThrowIfNull(message);
ArgumentNullException.ThrowIfNull(db);
@@ -84,7 +84,7 @@ namespace UCS_Status_Monitor.Monitor
//{"topic":"onvif:Device/axis:RingPowerLimitExceeded","timestamp":1737455436306,"serial":"B8A44F74C561","message":{"source":{"input":"1"},"key":{},"data":{"limit_exceeded":"0"}}}
Debug.WriteLine("Update status axis cam");
//Debug.WriteLine("Update status axis cam");
ArgumentNullException.ThrowIfNull(message);
ArgumentNullException.ThrowIfNull(db);


@@ -7,6 +7,7 @@ using UCS_Status_Monitor.Models.Database;
using System.Threading;
using Microsoft.EntityFrameworkCore;
using UCS_Status_Monitor.Telegram;
using System.Globalization;
namespace UCS_Status_Monitor.Monitor
{
@@ -56,7 +57,7 @@ namespace UCS_Status_Monitor.Monitor
if (message.StartTime != null)
{
//Debug.WriteLine($"{message.ComputerName} - starttime:{message.StartTime} - database:{system.StartTime}");
if (system.StartTime < DateTime.Parse(message.StartTime))
if (system.StartTime < DateTime.Parse(message.StartTime, CultureInfo.InvariantCulture))
{
await _telegramBot.Send($"♻️ <b>{system.ComputerName} - {system.ConfigFileName}</b>{Environment.NewLine} UCS restarted", token);
}
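Review bot: `DateTime.Parse(message.StartTime, CultureInfo.InvariantCulture)` still throws `FormatException` on a malformed value, and `message.StartTime` appears to come from a received message rather than from trusted local state. I would replace the condition with `if (DateTime.TryParse(message.StartTime, CultureInfo.InvariantCulture, DateTimeStyles.RoundtripKind, out var started) && system.StartTime < started)` and log the rejected value otherwise. How `system.StartTime` is stored is not visible here, so it is worth confirming that both sides of the comparison use the same time zone convention. The enclosing method starts and ends outside the hunk.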


@@ -32,7 +32,10 @@
"BrokerAddress": "mqtt.sdnsupport.nl",
"BrokerPort": 8883,
"Username": "SDNmqtt",
"Password": "MqTtData$"
"Password": "MqTtData$",
"CaCert": "Certs/ca.crt",
"ClientCert": "Certs/server.pfx",
"ClientCertPassword": "12345"
},
"KeyLocation": "keys"
}
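Review bot: `ClientCertPassword` is added here as a plaintext value next to the existing broker `Password`, so the PKCS#12 passphrase that was hard-coded in MQTTService is now committed in this settings file and in the two other settings files changed identically below. Keep the key but leave the value empty in tracked files and supply it from an environment variable, user secrets or the deployment's secret store; the same goes for `Password`. Both values, and the key pair in `Certs/server.pfx` if that file is also tracked, should be treated as exposed and rotated, with the passphrase replaced by a generated one.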


@@ -32,7 +32,10 @@
"BrokerAddress": "mqtt.sdnsupport.nl",
"BrokerPort": 8883,
"Username": "SDNmqtt",
"Password": "MqTtData$"
"Password": "MqTtData$",
"CaCert": "Certs/ca.crt",
"ClientCert": "Certs/server.pfx",
"ClientCertPassword": "12345"
},
"KeyLocation": "keys"
}


@@ -32,7 +32,10 @@
"BrokerAddress": "mqtt.sdnsupport.nl",
"BrokerPort": 8883,
"Username": "SDNmqtt",
"Password": "MqTtData$"
"Password": "MqTtData$",
"CaCert": "Certs/ca.crt",
"ClientCert": "Certs/server.pfx",
"ClientCertPassword": "12345"
},
"KeyLocation": "D:/SDNmonitorDB/Keys"
}