We are using MQTT protocol to integration the Chiprstack into our application. We need to enable authentication for MQTT connectivity. Apart from username and password based authentication, are there more secure auth options like client certification authentication?
1 Like
If you use client certificate authentication, then you can use the generate certificate option that you will find in the MQTT integration (web-interface). Most MQTT brokers (Mosquitto included) can be configured to use the CN field as username, in which case you can set an ACL like:
application/%u/#
In combination with the certificate generated by ChirpStack (which contains the application ID in the CN), that will automatically limit users to their own application topics 
1 Like