In this chapter, we generated a private certificate authority, a server certificate, and client certificates to enable TLS transport security and TLS client authentication with Mosquitto. Communications between MQTT clients and the MQTT server are encrypted.

We worked with OpenSSL to generate self-signed digital certificates for our development environment. We tested the MQTT TLS configuration with MQTT.fx, MQTT-spy, and Mosquitto command-line utilities. We forced Mosquitto to use only a specific TLS version.

There are many other security topics related to MQTT servers and Mosquitto. We will work with some of them in forthcoming chapters, in which we will develop applications that will use MQTT with Python.

Now that we understand how to encrypt communications between MQTT clients and the Mosquitto server, we will understand MQTT libraries and we will write Python code to control a vehicle with MQTT messages delivered through encrypted connections, which are the topics that we are going to discuss in Chapter 4, Writing Code to Control a Vehicle with Python and MQTT Messages.