Hello to all. I have a problem with the configuration of chirpstack components (gateway-bridge, network-server and application-server) with the mqtt broker.
I would like to create a secure (encrypted) connection with the mqtt broker.
First I tried the basic setup and everything works perfectly.
Now, what I do is:
- creation of certificates. So from the terminal I run the commands:
$ openssl genrsa -des3 -out ca.key 2048
(set password)
$ openssl req -new -x509 -days 1826 -key ca.key -out ca.crt
(I enter the previous password and fill in the CountryName, State or Province, Common Name → IP address where mosquitto runs, 127.24.157.28, etc)
$ openssl genrsa -out server.key 2048
$openssl req -new -out server.csr -key server.key
(Again I fill in the CountryName, State or Province, Common Name → IP address where mosquitto runs, 127.24.157.28, etc)
$openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 360
And copy the files ca.crt, server.crt and server.key in the folder /etc/mosquitto/certs
- Go to:
$ cd /etc/mosquitto/conf.d
and create a new .con file
$ nano test.conf
in this new file I write:
####################
listener 8883
cafile /etc/mosquitto/certs/ca.crt
certfile /etc/mosquitto/certs/server.crt
keyfile /etc/mosquitto/certs/server.key
require_certificate true
tls_version tlsv1.2
#####################
Now how should I configure the chirpstack components (gateway-bridge, network-server and application server) so that they can communicate with the broker?