From 870637a7dc3400820f01f6e57829542839f9104d Mon Sep 17 00:00:00 2001 From: Gil Peeters Date: Wed, 25 Sep 2019 22:31:12 +1000 Subject: [PATCH] Clarity on emabling MQTT TLS (#10453) Clarified that you MUST define the `certificate` parameter to enable TLS connections to the MQTT server. This was not clear to me and was fighting with getting the right PEM/CRT file setup as commections were failing. When I then selected 'auto' it worked as designed. It would be better if there was an 'enable_tls' config parameter that would enable it and default to 'auto', but that;s a code change. --- source/_docs/mqtt/certificate.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/_docs/mqtt/certificate.markdown b/source/_docs/mqtt/certificate.markdown index 9a07f556419..86225053aca 100644 --- a/source/_docs/mqtt/certificate.markdown +++ b/source/_docs/mqtt/certificate.markdown @@ -16,7 +16,7 @@ mqtt: {% configuration %} certificate: - description: "'auto' or the certificate authority certificate file that is to be treated as trusted by this client. 'auto' uses the bundled certificates. If a file is specified the file should contain the root certificate of the certificate authority that signed your broker's certificate, but may contain multiple certificates. Example: `/home/user/identrust-root.pem`" + description: "'auto' or the certificate authority certificate file that is to be treated as trusted by this client. To enable a secure (TLS) connection to your server you must define the 'certitificate' configuration parameter. 'auto' uses the certifite CAs bundled certificates. If a file is specified the file should contain the root certificate of the certificate authority that signed your broker's certificate, but may contain multiple certificates. Example: `/home/user/identrust-root.pem`." required: false type: string client_key: