Creating Key and Certificate Files for Encryption and Authentication

This video focuses on creating a set of key files and certificates that can be used to set up encryption and authentication for MQTT-TLS and HTTP-TLS connections.

Hi, I'm Daniel Holmlund. In this video we'll create a set of key files and certificates that can be used to set up encryption and authentication. TLS stands for Transport Layer Security and provides a secure communication channel between client and server. We will create key files and certificates to authenticate and encrypt our MQTT, TLS, and HTTPS connections. We'll be using Mosquitto for our MQTT broker. MQTT uses port 883 for secure communications, so we'll need to make some changes to the MQTT broker's configuration file. Here are the commands to create the certificates and key files.

It's important to note that while generating these, the common name parameter in step 1 and step 3 should specify the same server address. Otherwise, it won't authenticate correctly. Also, make sure to use the same passphrase between step 1 and the last step of generating your key file. Now move the CA, certificate, and key file to a commonly accessible directory. Services that we create in other labs will depend on these certificates.

Now that we've installed the certs and key files, let's create a new configuration file for the Mosquitto MQTT broker. Rename your current Mosquitto configuration file to something that you can remember and then use an editor to create a new configuration file. Put this inside the configuration file and restart the service. Now we set up our certificates and key files and configured the MQTT broker to use encrypted MQTT TLS traffic. Thanks for watching. Follow the links provided to learn more and don't forget to like this video and subscribe to the Intel software YouTube channel.
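The commands and the configuration file appear on screen in the video and are not part of the transcript. The script below is an added example, not the video's own commands: one way to carry out the steps described with `openssl` and to write a matching Mosquitto listener configuration. The directory, host name, organization names, the `CA_PASS` environment variable and the port argument are assumptions.

```shell
#!/usr/bin/env bash
# Added example: names, paths, CA_PASS and the port are assumptions, not taken from the video.
set -eu

# make_tls_material <dir> <server_address>   (CA passphrase read from exported CA_PASS)
make_tls_material() {
  local dir="$1" host="$2"
  : "${CA_PASS:?export CA_PASS with the CA key passphrase first}"
  mkdir -p "$dir"
  # Step 1: passphrase-protected CA key and self-signed CA certificate.
  # CN carries the server address, as the video asks; O differs from the
  # server certificate so the two subject names are not identical.
  openssl req -new -x509 -days 365 -newkey rsa:2048 -keyout "$dir/ca.key" \
    -passout env:CA_PASS -subj "/O=Lab CA/CN=$host" -out "$dir/ca.crt" 2>/dev/null
  # Step 2: server key, left unencrypted so the broker can start unattended.
  openssl genrsa -out "$dir/server.key" 2048 2>/dev/null
  chmod 600 "$dir/ca.key" "$dir/server.key"
  # Step 3: signing request with the same server address in CN.
  openssl req -new -key "$dir/server.key" -subj "/O=Lab Broker/CN=$host" \
    -out "$dir/server.csr"
  # Last step: sign with the CA key (needs the step 1 passphrase). A
  # subjectAltName is added because current TLS clients match on it, not on CN.
  printf 'subjectAltName=DNS:%s\n' "$host" > "$dir/san.ext"
  openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
    -passin env:CA_PASS -CAcreateserial -days 365 -extfile "$dir/san.ext" \
    -out "$dir/server.crt" 2>/dev/null
}

# check_tls_material <dir> <server_address>: succeeds only if the server
# certificate chains to ca.crt and is valid for that address.
check_tls_material() {
  openssl verify -CAfile "$1/ca.crt" -verify_hostname "$2" "$1/server.crt" >/dev/null 2>&1
}

# write_mosquitto_conf <dir> <port> <conf_file>: TLS listener using the files above.
write_mosquitto_conf() {
  cat > "$3" <<EOF
listener $2
cafile $1/ca.crt
certfile $1/server.crt
keyfile $1/server.key
EOF
}

# Usage (constructed values):
#   export CA_PASS; make_tls_material ./certs broker.example.lan
#   check_tls_material ./certs broker.example.lan && write_mosquitto_conf ./certs 8883 ./mosquitto.conf
```

Running `check_tls_material` before restarting the broker catches a common-name or passphrase mix-up while it is still cheap to fix. Only `ca.crt` needs to reach clients; `ca.key` and `server.key` should stay readable by their owner alone.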