Page History

MQTT Modules can be enabled to use SSL/TLS to encrypt the communication between MQTT clients which is useful if used on a public network.

Ignition supports certificates from both your organization's internal CA, as well as commercial CA's (Verisign, GoDaddy, Comodo, etc). Self-signed certificates can be genertaed by Ignition and they are useful for testing environment and non-public networks.

As of module release version 4.0.4, the Cirrus Link modules are capable of reusing the existing Ignition web server provided SSL certificates to secure your MQTT communication. This is the recommended process to secure your MQTT communication

Configuring Secure MQTT Communication

...

using SSL/TLS.

...

Convert Ignition Keystore to Distributor Keystore

• Steps to convert an existing Ignition Java keystore of type PKCS #12 to a Distributor Java keystore of type JKS.

Create a Java Keystore (JKS) File

Follow the links below to configure Ignition SSL and the MQTT modules:

• I am using MQTT modules version 4.0.4 or higher and
  • I need to obtain a security certificate from a Certificate Authority (CA)
  • I have a security certificate from a Certificate Authority (CA)
  • I need to create and use an Ignition generated Self-Signed Certificate
• I am using MQTT modules version pre 4.0.4

...