Add client certificate placeholder

Source/OS/TLS_Client_Authentication/MeadowApp.cs

@@ -47,14 +47,23 @@ public async System.Threading.Tasks.Task Initialize()
             string IOT_HUB_NAME = "IOT_HUB_NAME";
             string IOT_HUB_DEVICE_ID = "IOT_HUB_DEVICE_ID";
 
+            // IMPORTANT:
+            //  Using Client Authentication, keep this value empty
+            //  Using Token-based Authentication, replace it with your SAS token
+            string IOT_HUB_DEVICE_ID_TOKEN = "";
+
             Console.WriteLine("Attempting to connect to " + IOT_HUB_DEVICE_ID);
             var factory = new MqttFactory();
             var mqttClient = factory.CreateMqttClient();
 
+            // IMPORTANT:
+            //  You don't need to add any code references to the client 
+            //  certificate, since OS/Mono will attach your certificate 
+            //  to any connection that requires it automatically
             var options = new MqttClientOptionsBuilder()
                 .WithClientId(IOT_HUB_DEVICE_ID)
                 .WithTcpServer($"{IOT_HUB_NAME}.azure-devices.net", 8883)
-                .WithCredentials($"{IOT_HUB_NAME}.azure-devices.net/{IOT_HUB_DEVICE_ID}/?api-version=2021-04-12", "")
+                .WithCredentials($"{IOT_HUB_NAME}.azure-devices.net/{IOT_HUB_DEVICE_ID}/?api-version=2021-04-12", IOT_HUB_DEVICE_ID_TOKEN)
                 .WithProtocolVersion(MQTTnet.Formatter.MqttProtocolVersion.V311)
                 .WithTls(new MqttClientOptionsBuilderTlsParameters
                 {

Source/OS/TLS_Client_Authentication/client_cert.pem

@@ -0,0 +1,16 @@
+Replace this file with your client certificate in .pem format (REQUIRED):
+
+-----BEGIN CERTIFICATE-----
+...
+-----END CERTIFICATE-----
+
+IMPORTANT:
+If you have a certificate in .PFX format, you can extract the private key 
+and the client certificate from it using the OpenSSL library. 
+You just need to run the following commands to generate the `private_key.pem` 
+and  `client_cert.pem` files:
+
+```bash
+openssl pkcs12 -in yourfile.pfx -nocerts -out private_key.pem
+openssl pkcs12 -in yourfile.pfx -clcerts -nokeys -out client_cert.pem
+```

Source/OS/TLS_Client_Authentication/private_key.pem

@@ -0,0 +1,28 @@
+Replace this file with your private key in .pem format (REQUIRED):
+
+-----BEGIN PRIVATE KEY-----
+...
+-----END PRIVATE KEY-----
+
+IMPORTANT:
+1 - If you have an encrypted private key, add its passphrase to the 
+private_key_pass.txt file. 
+
+2 - You may see this error `Failed to parse private key` if you attempt 
+to use encrypted private keys, since some encryption algorithms are not 
+supported by the Meadow TLS provider (mbedTLS). In that case, try to encrypt 
+your private key using another algorithm, such as the RSA algorithm with DES3 
+(Triple DES) encryption and the traditional PKCS#1 formatting, which can be done 
+by using the OpenSSL library:
+
+```bash
+openssl rsa -in private_key.pem -out private_key_output.pem -des3 -traditional
+```
+
+Then, you should get a private key with a header like this:
+```
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,637E819E82DF740E
+```
+```