Securing a connection over the MQTT protocol

Support

Support for business applications

Kaspersky IoT Secure Gateway 100

Configuring the gateway

Configuring a connection over the MQTT protocol

Securing a connection over the MQTT protocol

May 24, 2023

ID 240937

Get as PDF

To securely transmit data over the MQTT protocol:

Copy the file containing the certificate chain of the MQTT client (a chain can consist of one leaf certificate of the client) to the directory /app/Core/pki/certs/transfer/mqtt/publisher on the HW-IDS partition of the microSD card.
Data structure with a digital signature containing a public encryption key and the ID of the client or server.

Combination of any number of intermediate certificates between the end-entity certificate and the root certificate.
Copy the file containing the certificate chain that was used to form the digital signature to the directory /app/Core/pki/certs/transfer/mqtt/publisher on the HW-IDS partition of the microSD card.
A value calculated with an encryption algorithm and added to data in such a way that any data recipient can use the signature to verify the origin and integrity of the data.
Copy the file of the private encryption key of the MQTT client to the directory /app/Core/pki/private/transfer/mqtt/publisher on the HW-IDS partition of the microSD card.
Component of a pair of encryption keys used for asymmetric encryption. Keys can be public or private.

The certificates and encryption keys used by the MQTT client must be in PEM format. The key length of the client certificate must be at least 2048 bits.

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.