How to configure authentication in HiveMQ Cloud Starter via CA certificates chain?
- Harsh Bansal
Under typical circumstances, your device's certificate is endorsed by an Intermediate Certificate Authority (CA). Consequently, the comprehensive certificate chain includes the Root CA, Intermediate CA, and the Device certificate.
To authenticate a device certificate using an intermediate certificate, you must initially construct the CA certificate chain. This involves merging the intermediate and root certificates. This combined file will then be utilized to validate certificates that have been signed by the Intermediate CA.
Sample command:
cat intermediate.cert.pem rootca.cert.pem > ca-chain.cert.pemUtilize the assembled CA certificate chain file (ca-chain.cert.pem) to ensure that the device certificate maintains a valid trust chain.
Sample command:
openssl verify -CAfile ca-chain.cert.pem device.cert.pemRelated questions
How can I monitor in Control Center, which certs are used by each connected client?
To monitor which certificates are being used by each connected client in Control Center, simply navigate to the specific client. If the client is connected using a certificate, you will find a "Show certificate" link available for further details.