Security usageΒΆ
Certificates (signed public keys) are used in the Secure Gateway to provide authentication. The certificates are signed by a Certificate Authority (CA). Typically that is a trusted third party, but here we will create a self-signed CA.
When a client connects to the broker, the client needs three files:
- Client certificate. This is the public key that will be sent to the broker, so that the broker can encrypt messages when sending to the client.
- Client private key. This is used by the client to unlock encrypted messages that it receives.
- CA (Certificate Authority) certificate. This is used by the client to verify that the broker is the one it is claiming to be.
The broker will use a corresponding set of files.
See the separate tutorial in the examples section.