Contents
Cirrus Link Resources
Cirrus Link Website
Contact Us (Sales/Support)
Inductive Resources
Ignition User Manual
Knowledge Base Articles
Inductive University
Forum
...
You will now be asked to specify a password for the keypair. At this point MQTT Distributor requires that the Key Pair passwords match the overall Keystore password. So, make sure you note this password because we'll need to use it as the overall keystore password as well.
If your certificate also requires an intermediate certificate, it must be appended to the keypair. Do so by right-clicking the keypair and navigating to Append Certificate as shown below. In the case of self-signed certs, this means clients only need to have the root CA certificate trusted on their system. In the case of certificates signed by trusted CAs, the clients don't need to have any additional TLS configuration loaded on their system.
Now browse to your intermediate certificate as shown below and click Append:
You should see the following. Simply click OK.
At this point, you can save your keystore and specify a keystore password. Do so by clicking the save icon in the upper left menu:
...
At this point, all MQTT clients can now connect over TLS enabled connections. Note the new port of 8883. If using a certificate signed by a publicly trusted CA and the OS with the MQTT client supports that specific CA, the clients don't have to make any modifications to their list of trusted root certificates. If using a self-signed certificate there are a couple options:
Note if your certificate also requires an intermediate certificate, this must also be added to the MQTT client so the full chain of trust can be established.
Using the Certificate to Secure Communication with MQTT Engine or MQTT Transmission:
...