Creating an MQTT broker profile through the Web Console

You can create new MQTT broker profiles through the Kaspersky Security Center 14.2 Web Console. Different MQTT broker profiles let you work with different servers and digital platforms that receive events from Kaspersky IoT Secure Gateway 1000 over the MQTT protocol.

To create a new MQTT broker profile through the Web Console:

1. In the main window of the Web Console, select Devices → Managed devices.
2. Click the name of the device running Kaspersky IoT Secure Gateway 1000. If the device name is not on the list, add it to the Managed devices group.
3. In the device properties window that opens, select the Applications tab.
4. Press Kaspersky IoT Secure Gateway.

   This opens a window containing information about Kaspersky IoT Secure Gateway 1000.

5. Select the Application settings tab.
6. Select the MQTT Broker section.

   The table of MQTT broker profiles is displayed.

7. Click the Add button in the upper part of the MQTT broker profiles table.

   The Edit profile window opens.

8. In the Status drop-down list, select one of the following values:
   • Active, if you want to make a new profile active. In this case, profile settings are uploaded to the MQTT broker and access to certificates from the profile is activated for the MQTT broker.
   • Inactive.

     Only one profile can be active. You can only set an MQTT broker profile as active if it has a configuration file added.

9. In the Name field, enter the profile name using letters of the English alphabet.
10. Add a configuration file or certificate to the new profile by clicking the Add button in the upper part of the List of files table.
11. In the file upload pane that opens on the right, do the following:
    1. In the Type drop-down list, select the type of file that you want to add:
       • Configuration file. This contains the main settings for MQTT broker operation. The configuration file must be added to the MQTT broker profile so that this profile can be set as active. Files in CONF format can be selected.
       • Certificate. Files in CRT, CER, DER, and PEM format can be selected.

         An MQTT broker profile requires multiple security certificates, such as a certificate issued by a Certificate Authority, a server client certificate, and a private key file. Depending on the requirements of the MQTT server, the server client certificate and private key file must be signed with a valid certificate issued by a certification authority. If your profile prescribes the use of SSL/TLS, repeat this step as many times as required to upload all required certificates to the system. A secure connection is not guaranteed in the absence of security certificates.

         We do not recommend uploading more than three security certificate files per MQTT profile. If more than three files are uploaded, only the last uploaded certificate files will be used.

    2. Click the Upload file button and select a file in the opened file upload window. The file size must not exceed 131 KB.

       The file will be uploaded to the system and will appear in the MQTT broker profile.

    3. Click OK in the lower part of the pane.

       The file upload pane closes.

12. Click OK in the lower part of the Edit profile window.

    The Edit profile window closes.

13. Click Save in the lower part of the window to save the new MQTT broker profile.