Now, we will configure Mosquitto to use TLS client certificate authentication. This way, any client will require the ca.crt file and a client certificate, such as the recently generated board001.crt file, to establish a communication with the Mosquitto server.

If you are running the Mosquitto server in a Terminal window in macOS or Linux, press Ctrl + C to stop it. In Windows, stop the appropriate service.

Go to the Mosquitto installation directory and open the mosquitto.conf configuration file.

In macOS, Linux, or Windows, add the following line at the end of the configuration file:

require_certificate true

We specified the true value for the require_certificate option to make Mosquitto require a valid client certificate for any client that requests a connection to Mosquitto.

Save the changes to the mosquitto.conf configuration file and launch Mosquitto again. We will use the mosquitto_sub command-line utility included in Mosquitto to generate a simple MQTT client that subscribes to a topic filter and prints all the messages it receives.