Class SslOption
Represents a set of configurable TLS options for a connection. Use this class to configure the TLS version used, the client certificate list or file location, peer certificate verification (validation) functions, the expected server name (Subject Alternative Name or Common Name), and so on.
Inherited Members
Namespace: RabbitMQ.Client
Assembly: RabbitMQ.Client.dll
Syntax
public class SslOption
Constructors
SslOption()
Constructs an SslOption with no parameters set.
Declaration
public SslOption()
SslOption(string, string, bool)
Constructs an SslOption specifying both the server canonical name and the client's certificate path.
Declaration
public SslOption(string serverName, string certificatePath = "", bool enabled = false)
Parameters
Type | Name | Description |
---|---|---|
string | serverName | |
string | certificatePath | |
bool | enabled | |
Properties
AcceptablePolicyErrors
Retrieve or set the set of TLS policy (peer verification) errors that are deemed acceptable.
Declaration
public SslPolicyErrors AcceptablePolicyErrors { get; set; }
Property Value
Type | Description |
---|---|
SslPolicyErrors |
CertPassphrase
Retrieve or set the client certificate passphrase.
Declaration
public string CertPassphrase { get; set; }
Property Value
Type | Description |
---|---|
string |
CertPath
Retrieve or set the path to client certificate.
Declaration
public string CertPath { get; set; }
Property Value
Type | Description |
---|---|
string |
CertificateSelectionCallback
An optional client TLS certificate selection callback. If this is not specified, the first valid certificate found will be used.
Declaration
public LocalCertificateSelectionCallback CertificateSelectionCallback { get; set; }
Property Value
Type | Description |
---|---|
LocalCertificateSelectionCallback |
CertificateValidationCallback
An optional peer verification (TLS certificate validation) callback. If this is not specified, the default callback will be used in conjunction with the AcceptablePolicyErrors property to determine if the peer's (server's) certificate should be considered valid (acceptable).
Declaration
public RemoteCertificateValidationCallback CertificateValidationCallback { get; set; }
Property Value
Type | Description |
---|---|
RemoteCertificateValidationCallback |
Certs
Retrieve or set the X509CertificateCollection containing the client certificate. If no collection is set, the client will attempt to load one from the specified CertPath.
Declaration
public X509CertificateCollection Certs { get; set; }
Property Value
Type | Description |
---|---|
X509CertificateCollection |
CheckCertificateRevocation
Attempts to check certificate revocation status. Default is false. Set to true to check peer certificate for revocation.
Declaration
public bool CheckCertificateRevocation { get; set; }
Property Value
Type | Description |
---|---|
bool |
Remarks
Uses the built-in .NET TLS implementation machinery for checking a certificate against certificate revocation lists.
Enabled
Controls whether TLS is used. Set to false to disable TLS on the connection.
Declaration
public bool Enabled { get; set; }
Property Value
Type | Description |
---|---|
bool |
ServerName
Retrieve or set the server's expected name. This MUST match the Subject Alternative Name (SAN) or CN on the peer's (server's) leaf certificate, otherwise the TLS connection will fail.
Declaration
public string ServerName { get; set; }
Property Value
Type | Description |
---|---|
string |
Version
Retrieve or set the TLS protocol version. The client will let the OS pick a suitable version by using SslProtocols.None. If this option is disabled, e.g. via app context, the client will attempt to fall back to TLSv1.2.
Declaration
public SslProtocols Version { get; set; }
Property Value
Type | Description |
---|---|
SslProtocols |
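The following is an added example, not code from the RabbitMQ.Client documentation. It combines the properties above into a fail-closed configuration whose custom CertificateValidationCallback rejects every policy error itself before applying a leaf-certificate pin. The names BrokerTls, ValidateBroker, Create and PinnedSha256 are hypothetical, and the pin value is a placeholder.

```csharp
using System;
using System.Net.Security;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using RabbitMQ.Client;

// Hypothetical helper class for illustration.
public static class BrokerTls
{
    // Placeholder: SHA-256 fingerprint (hex) of the broker's leaf certificate.
    private const string PinnedSha256 = "<BROKER-LEAF-CERT-SHA256-HEX>";

    // A custom callback is used instead of the default one, so
    // AcceptablePolicyErrors is not consulted: the callback must reject
    // policy errors itself.
    private static bool ValidateBroker(object sender, X509Certificate? certificate,
        X509Chain? chain, SslPolicyErrors sslPolicyErrors)
    {
        // Fail closed on chain errors, name mismatch or a missing certificate.
        if (sslPolicyErrors != SslPolicyErrors.None || certificate is null)
            return false;

        // Additional check on top of normal validation: pin the leaf certificate.
        string actual = certificate.GetCertHashString(HashAlgorithmName.SHA256);
        return string.Equals(actual, PinnedSha256, StringComparison.OrdinalIgnoreCase);
    }

    // brokerHost must match the SAN or CN on the broker's leaf certificate.
    // clientCertPath and certPassphrase are supplied by the caller (assumption:
    // read from a secret store, not hard-coded).
    public static SslOption Create(string brokerHost, string clientCertPath, string certPassphrase)
    {
        return new SslOption
        {
            Enabled = true,
            ServerName = brokerHost,
            Version = SslProtocols.None,                   // let the OS pick the version
            AcceptablePolicyErrors = SslPolicyErrors.None, // applies if the callback is removed
            CheckCertificateRevocation = true,             // default is false
            CertPath = clientCertPath,
            CertPassphrase = certPassphrase,
            CertificateValidationCallback = ValidateBroker
        };
    }
}
```

Assign the returned object to the Ssl property of a ConnectionFactory before opening the connection.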