Hello Team,
We are working on a project at the company where we are trying to connect to the MQTT Distributor (MQTT over TLS) installed in Ignition:
- The connection to MQTT (1883) is working well.
- The connection to MQTT over TLS (8883) is working only with the MQTT Engine of the Ignition Gateway (internally).
- The problem is trying to connect to MQTT over TLS/SSL with company certificates.
We have two questions:
- What are the required ports to open between the device and the Ignition Gateway to ensure this connection (MQTT over TLS/SSL), knowing that it is secured at the company? (It would be good to know if there are other ports to open in addition to 8883.)
- From the client side (MQTT Transmission), what are the certificates required to ensure the connection with the Ignition Gateway in MQTT over TLS?
Thank you for your help.
Hi, were you able to figure out this problem?
Hello, yes the problem is solved
- MQTTS requires port 8883 in two directions from the broker to the client + TLS certificate.
- The MQTT client needs only the client certificate.
Which of these certificates do you mean by the client certificate?
I was able to connect the engine and transmission to the distributor but I have been getting connection failed from the outside client and I have the port 8883 opened in two directions from the broker to the client and our Ignition is SSL enabled.
Do we need a separate certificate for MQTT, different from the one we used to enable the Ignition SSL?
When we enabled our SSL, I got a root cert, intermediate cert and server cert, which I uploaded to Ignition to enable the SSL. The client I am trying to connect with is asking for a CA cert and a client cert... which of these certs can be used for CA and client?