Page History

...

NOTE: The procedure below is only applicable when running pre-4.0.4 modules. Manually configuring MQTT Distributor to consume a Java keystore is supported and will work properly when running pre-4.0.4 modules, but it is no longer the recommended process for encrypting MQTT communication. If possible, please upgrade to modules version 4.0.4 or higher and follow the default workflow to secure MQTT communication. 

...

Whether you are using a certificate issued by a trusted CA (Certificate Authority) or a self-signed certificate, internally MQTT Distributor accesses these certificates via the Java KeyStore keyStore file that it is configured to use. This KeyStore keyStore must contain the public certificate, the private key, and possibly an intermediate certificate if applicable. If you've already SSL enabled your Ignition web server then you have all of the required certificates already contained inside of Ignition's keystore. However, you must convert Ignition's keystore (of type PKCS #12) to a keystore of type JKS so it can be used by MQTT Distributor. Follow the steps below to do this conversion.

...

Next, MQTT Distributor must be configured to use the newly created Java keystore (JKS). Following the steps here to configure MQTT Distributor.

Additional Resources

• Inductive Automation's Ignition download with free trial
  • https://inductiveautomation.com/downloads/
• Azure Injector download with free trial
  • https://inductiveautomation.com/downloads/third-party-modules
• Questions about this tutorial?
  • Check out the Cirrus Link Forum: https://forum.cirrus-link.com/
  • Contact support: support@cirrus-link.com
• Sales questions
  • Email: sales@cirrus-link.com
  • Phone: +1 (844) 924-7787
•  About Cirrus Link
  • https://www.cirrus-link.com/about-us/