Guidelines for Using the Solace Messaging API for .NET

To begin working with the Solace .NET API, import the Solace .NET API NuGet package using your package manager of choice and include the following namespace in your application:

using SolaceSystems.Solclient.Messaging;

This page covers the following topics:

• Guidelines for Secure Connections and Authentication
• Run Guidelines

Guidelines for Secure Connections and Authentication

The following requirements must also be met to successfully code and compile an application that will use TLS/SSL client connections, client certificate authentication, or Kerberos authentication schemes.

The Solace .NET API supports both TLS/SSL security libraries and Kerberos security libraries. The names of these packages are operating system dependent.

TLS/SSL Libraries

To allow programmers to quickly develop client applications that create secure connections to event brokers, OpenSSL libraries (including the crypto library) are bundled with the APIs in .a and .so versions (Linux), .lib and .dll versions (Windows), and in .a and .dylib versions (macOS). These libraries allow developers to prototype and test TLS/SSL-encrypted client connections.

The provided libraries are distributed for developers’ convenience and are not endorsed for distribution in a production network. Consult with your Network Operations Center to obtain your organization’s latest secure TLS/SSL packages. OpenSSL distributions can be found at www.openssl.org.

Kerberos Libraries

To develop client applications to use Kerberos authentication, the appropriate Generic Security Service Application Program Interface (GSSAPI) library files must be installed on the development system and on systems that will run the applications. GSSAPI libraries are not bundled with the APIs.

To successfully link TLS/SSL security libraries or Kerberos security libraries when building your application using the Solace .NET API, refer to the following sections:

• Recommended Methods for Linking with Security Libraries
• Static Linking with Security Libraries

Recommended Methods for Linking with Security Libraries

The following provides information for dynamically linking TLS/SSL libraries and Kerberos libraries with Windows applications.

Dynamically Linking TLS/SSL Libraries

Windows (Solace .NET API):

• Whether applications are dynamically linked against libsolclient.dll (the 32‑bit library) or libsolclient_64.dll (the 64-bit library), or they are statically linked against libsolclientStatic.lib (the 32‑bit library) or libsolclient_64Static.lib (the 64-bit library), they must have libeay32.dll and ssleay32.dll available at runtime. Both 32-bit and 64-bit Windows versions of these libraries are included with the Solace .NET API distributions to make testing and development easier. When developing your application, ensure that the correct 32-bit versions or 64‑bit versions of libeay32.dll and ssleay32.dll are used when you are testing and deploying.
• When using Visual Studio, it is not necessary to modify your Visual Studio project because libsolclient dynamically loads the libraries as needed. Applications that do not use TLS/SSL features of libsolclient do not need to deploy the OpenSSL libraries.
• The latest Windows libraries for OpenSSL can be found at https://wiki.openssl.org/index.php/Binaries.

Dynamically Linking Kerberos Libraries

Windows (Solace .NET API):

• Whether applications are dynamically or statically linked against libsolclient.lib, they must have secur32.dll available at runtime. This library is included as part of your operating system distribution and there is no action required to add it.
• It is not necessary to modify your Visual Studio project because libsolclient dynamically loads the libraries as needed.

Static Linking with Security Libraries

On all operating systems, security libraries may be statically linked with your application when it is built. This is not recommended, as it requires rebuilding or redeploying your application whenever you need to update the security subsystem. It may be useful to deploy an application on target platforms that do not have the required libraries, or the desired versions of the libraries are not present.

The Windows Kerberos interface, which is included in secur32.dll, does not have static library equivalent, and the Kerberos library may not be statically linked into Linux or SunOS/Solaris applications.

The following provides information for statically linking TLS/SSL libraries with Windows applications.

Statically Linking TLS/SSL Libraries

Windows (Solace .NET API):

• Applications that are dynamically linked against libsolclient.dll or libsolclient_64.dll cannot be statically linked against the TLS/SSL libraries.
• Applications that are statically linked against libsolclientStatic.lib or libsolclient_64Static.lib may be also statically linked against the TLS/SSL libraries. You must also include the static versions of the TLS/SSL libraries, libeay32.lib and ssleay32.lib. Be sure to find and link against the static versions of these libraries, not the import libraries that have the same name.

Run Guidelines

Before running your compiled application, consider the following guidelines for the Solace .NET API.

• Ensure that the corresponding Solace .NET API assembly can be located and loaded by the .NET runtime.

The Solace .NET API requires Microsoft .NET 2.0 or above framework.