Feature Request: Allow Extraction of Client TLS Certificate (CN/SAN) at rmqtt-net or Plugin Layer in MQTT Context #312
deluxetiky
started this conversation in
Ideas
Replies: 2 comments
-
|
I have created pull request for the poc. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Thanks a lot for submitting this PR! I really appreciate your effort. I will carefully review the code and consider merging it as soon as possible. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Enable the extraction of the client’s TLS certificate (specifically the Common Name (CN) or Subject Alternative Name (SAN)) at the rmqtt-net (network/socket) layer, and use this information to initialize the MQTT context (v3 or v5) with a known username. This is particularly important for certificate-based authentication and identity mapping, especially since the current ConnectInfo and Session structs in the plugin API do not expose TLS context or certificate details or I might be missing something.
I think this enables plugins and authentication logic to reliably use certificate-derived identities.
It would be great to hear if there is a work-around in that case.
Beta Was this translation helpful? Give feedback.
All reactions