In this chapter, we generated a private certificate authority, a server certificate, and client certificates to enable TLS transport security and TLS client authentication with Mosquitto. Communications between the MQTT clients and the MQTT server are encrypted.
We worked with OpenSSL to generate the digital certificates. We tested the MQTT TLS configuration with MQTT.fx, MQTT-spy, and the Mosquitto command-line utilities. We forced Mosquitto to use only a specific TLS version.
There are many other security topics related to MQTT servers and Mosquitto. We will work with some of them in the forthcoming chapters, in which we will develop applications that will use MQTT in different programming languages.
Now that you have understood how to encrypt communications between the MQTT clients and the Mosquitto server, we will control a drone with Python and MQTT, which is what we are going to discuss in the next chapter.