Hi,
it’d be helpful to me if you let me know where the documentation is incomplete.
In short, what you need to do is to configure a TLS endpoint in the vernemq.conf
file. Example for a TLS listener called default
:
listener.ssl.default = 127.0.0.1:8883
listener.ssl.default.cafile = /etc/ssl/cacerts.pem
listener.ssl.default.certfile = /etc/ssl/cert.pem
listener.ssl.default.keyfile = /etc/ssl/key.pem
You can configure more, of course (like requesting Client certificates, and more TLS details). But above is basically what you need to do: give VerneMQ the needed information to configure a TLS listener. (cert.pem
is the TLS Server certificate, key.pem
is the private key of that certificate, cacerts.pem
is the file with needed Certificate authorities).