MQTT Modules can be enabled to use SSL/TLS to encrypt the communication between MQTT clients which is useful if used on a public network.

MQTT communications are not encrypted by default and enabling SSL/TLS is highly recommended on a public network. 


Ignition supports certificates from both your organization's internal CA, as well as commercial CA's (Verisign, GoDaddy, Comodo, etc). Self-signed certificates can be generated by Ignition and they are useful for testing environment and non-public networks.

Self-signed certificates should not be used in a production environment on a public network.



As of module release version 4.0.4, 
the Cirrus Link modules are capable of reusing the existing Ignition web server provided SSL certificates to secure your MQTT communication. This is the recommended process to secure your MQTT communication using SSL/TLS.



Follow the links below to configure Ignition SSL and the MQTT modules:


If updating Ignition SSL certificates whilst SSL in enabled at MQTT Distributor, you will need a module restart or configuration change save of the MQTT Distributor module




Additional Resources

  • No labels