DTLS is enabled by setting Agent.Transport or Manager.Transport to Transport.DTLS before listening or creating an SnmpSocket. Agents will typically listen on the "well-known" default DTLS port of 10161. Managers will typically listen for trap and inform message notifications on the "well-known" default DTLS port of 10162. ClientCertificateChain must be populated with at least one certificate when sending traps, informs, or messages (not required when responding). ServerCertificateChain must be populated with at least one certificate when accepting traps, informs, or messages (not required when receiving responses). PowerSNMP defaults to FIPS-compliant ciphers, but Agent/Manager.DTLSCipherSuites can be modified as desired to add non-FIPS-compliant ciphers. In most cases, ValidationCallback should be specified. When deploying projects utilizing DTLS, you will need to include Dart.BouncyCastle.dll, Dart.BouncyCastle.Standard.dll, or Dart.BouncyCastle.50.dll, as applicable in your deployment package.
This will raise the RemoteCertificateValidationCallback specified by ValidationCallback. This callback must be in the format:
| C# |
Copy Code |
|---|---|
using System.Net.Security; using System.Security.Cryptography.X509Certificates; bool RemoteCertificateValidation( Object sender, X509Certificate remoteCertificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { ... } | |
| Visual Basic |
Copy Code |
|---|---|
Imports System.Net.Security Imports System.Security.Cryptography.X509Certificates Function RemoteCertificateValidation( _ ByVal sender As Object, _ ByVal remoteCertificate As X509Certificate, _ ByVal chain As X509Chain, _ ByVal sslPolicyErrors As SslPolicyErrors) As Boolean ... End Function | |
Return true to accept the certificate, and false to refuse it. A value other than SslPolicyErrors.None for sslPolicyErrors indicates an issue with the certificate that the server presented. A flag of SslPolicyErrors.RemoteCertificateChainErrors indicates that chain.ChainStatus should be checked; enumerate through chain.ChainStatus, and check the value of chain.ChainStatus[index].Status for additional details.