How to configure VerneMQ to use SSL/TLS for transport and secure with Auth using files

Hi,

it’d be helpful to me if you let me know where the documentation is incomplete.

In short, what you need to do is to configure a TLS endpoint in the vernemq.conf file. Example for a TLS listener called default:

listener.ssl.default = 127.0.0.1:8883

listener.ssl.default.cafile = /etc/ssl/cacerts.pem
listener.ssl.default.certfile = /etc/ssl/cert.pem
listener.ssl.default.keyfile = /etc/ssl/key.pem

You can configure more, of course (like requesting Client certificates, and more TLS details). But above is basically what you need to do: give VerneMQ the needed information to configure a TLS listener. (cert.pem is the TLS Server certificate, key.pem is the private key of that certificate, cacerts.pem is the file with needed Certificate authorities).

2 Likes