Mutual Authentication allows the device and Everyware Cloud to authenticate each other over certificate-based TLS/SSL Two-Way Authentication protocol. This feature is supported for the MQTT connections established by the devices to a Messaging Service instance in Everyware Cloud.
Mutual Authentication allows to increase the level of security of the communications between the devices on the field and Everyware Cloud in the backend. In fact, using this feature, the connection will be successful if, and only if:
- The backend provides a certificate that is trusted by the device
- The device provides a certificate that is trusted by the backend
- The device credentials, username and password, used to establish the MQTT connection are successfully validated by the backend
Mutual authentication is configured at the account level. In the In the Settings view select the
ClusterService and check whether the TLS/SSL Mutual Authentication connections are enabled.
Add the public certificate that is used to validate the one sent by the device during TLS/SSL handshake. In the Admin Console, go to the Certificates view and click the Add button. A new dialog will appear to allow the registration of a new certificate. The mandatory fields are:
- Name: display name for the certificate
- Usage: select
- Public Certificate: BASE64 encoded Certificate, including the
Verify that the device trusts the TLS/SSL server certificate configured for the Everyware Cloud Messaging Service.
Updated 3 months ago