Encryption

Encryption and authentication via TLS can be accomplished through a certificate authority (CA). The CA provides a signature via the public key for the message broker (the so-called server key) and usually also for all connecting clients. All communication devices can then trust each other, because the issuing certificate authority is trusted. Depending on the message broker, an MQTT client may connect without a dedicated client certificate. In this case the client uses the public key of the issuing certificate authority when it establishes a connection to the broker.