During connection establishment an MQTT client might be configured to present a certificate to the destination server, verifying its authenticity. This certificate is currently initialized in the constructor and cannot be changed. Once a client connection is established a certificate does not need to be presented again during normal flow. However, in exceptional cases like network disconnects / reconnects, the client should be able to present an updated certificate.
It appears that the ability to perform hot reloads of a server certificate was recently enabled by using a custom `ICertificateProvider` interface. (Kudos to @YAJeff who did that in #1652.)
I am proposing the MqttClient should support a similar ICertificateCollectionProvider interface that would enable hot reload functionality.
Which project is your feature request related to?
Client
ManagedClient
Describe the solution you'd like
Current `MqttClientTlsOptions` provides Certificates to the `MqttChannelAdapter` through a `List<X509Certificate2>` property. These fields are readonly and initialized during construction.
Instead, certificates should be provided to the channel from a certificate collection provider interface.
It looks like a connection disconnect / reconnect is handled by creating a new channel so it doesn't appear the channels themselves need to be changed at all, but at least, the adapter factory needs to be calling `ICertificateCollectionProvider.GetCertificates()`.
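
One way the proposed provider could look, as an added example that is not from the issue author or the MQTTnet code base. The shape of `ICertificateCollectionProvider` (return type included), the class name `FileCertificateCollectionProvider` and the PFX-on-disk source are assumptions; it also assumes the adapter factory calls `GetCertificates()` each time it creates a channel.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical: the interface proposed in the issue; the return type is an assumption.
public interface ICertificateCollectionProvider
{
    X509CertificateCollection GetCertificates();
}

// Re-reads a PFX when the file changes so a channel created on reconnect presents the rotated certificate.
public sealed class FileCertificateCollectionProvider : ICertificateCollectionProvider
{
    private readonly string _pfxPath, _password;
    private readonly object _gate = new object();
    private X509Certificate2 _current;
    private DateTime _loadedStamp;

    public FileCertificateCollectionProvider(string pfxPath, string password)
        => (_pfxPath, _password) = (pfxPath, password);

    public X509CertificateCollection GetCertificates()
    {
        lock (_gate)
        {
            var stamp = File.GetLastWriteTimeUtc(_pfxPath);
            if (_current == null || stamp != _loadedStamp)
            {
                var candidate = TryLoad();
                // Keep the previous certificate if the new file is unusable; it is not
                // disposed on swap because an open channel may still hold it.
                if (candidate != null) { _current = candidate; _loadedStamp = stamp; }
                else if (_current == null) throw new InvalidOperationException("No usable client certificate.");
            }
            return new X509CertificateCollection { _current };
        }
    }

    private X509Certificate2 TryLoad()
    {
        try
        {
            var cert = new X509Certificate2(_pfxPath, _password);
            var now = DateTime.Now; // NotBefore/NotAfter are in local time
            if (cert.HasPrivateKey && now >= cert.NotBefore && now <= cert.NotAfter) return cert;
            cert.Dispose();
        }
        catch (Exception e) when (e is CryptographicException || e is IOException) { }
        return null; // expired, not yet valid, missing key, or partially written file
    }
}
```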