Known Limitations

SslCertificatePem - Client Certificate Sent without the Full Chain

When your organization is using intermediate certificates to sign the application certificates, there is a known issue with the .NET library, not sending the full chain when connecting to the brokers. This issue caused by one of our dependency libraries, which only sends the client certificate without the Certificate Path. As a result, we get the following error message:

Error: Broker: Topic authorization failed

Workaround

Option 1: Using Client - Add Full Certificate Path to SslCaLocation

Set SslCaLocation with your Certificate Path (full CA chain).

Option 2: Use File Base - SslCertificateLocation

Use SslCertificateLocation configuration instead of SslCertificatePem.