AAM provides MQTT TLS settings for configuration. These are accessed via the main node, which contains the properties for the connection. You have two broker connections available.
Note |
---|
Warning: An invalid or incorrect setting for either AAM or an Edge Node may result in loss of communication to a broker. |
...
To view details about a property, hover over the property name in the left column.
...
Certificates Explained
The TLS Broker connection works in the following way:
A CA File is required and must be the same CA File used by the Broker in its TLS Settings.
If only the CA File is uploaded, it can be used on its own if the Broker settings allow anonymous connections.
If you upload a Client Certificate, you will also need to upload the Client Private Key that goes with it.
If the Client Private Key is encrypted, you will need to enter the Private Key Password.
If Verify Certificate is checked, the Broker’s certificate signature will be verified against the CA file you uploaded.
If this
Note |
---|
If Verify Certificate is not checked, it is impossible to guarantee that the host you are connecting to is not impersonating your server. This can be useful in initial server testing, but makes it possible for a malicious third party to impersonate your server through DNS spoofing, for example. |
If a Broker allows anonymous connections, a CA File uploaded without a Client Certificate may be used on its own.
Broker 1 and 2 Explained
After the server starts, or when the Restart MQTT Client option under the Node commands is run, the settings will be checked and the following logic will execute.
If Broker 1 is enabled, and the connection fails, it will attempt another connection after the Broker 1 → Connection Retry Interval time has passed.
After the Broker 1 → Connection Retries are exhausted, the Broker 2 settings, if enabled, will be used.
The logic repeats for Broker 2, and then switches to Broker 1. This will occur indefinitely if both broker connections are enabled.
If Broker 1 is disabled, Broker 2 is checked first, and the reconnection will continue forever only for the one enabled broker.
If no brokers are enabled, no client connections will be attempted.
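The failover order described above can be modelled as a schedule of connection attempts. This is an added illustration, not the product's code: the `Broker` fields and function names are hypothetical. It assumes each broker gets one initial attempt plus its Connection Retries, and that switching brokers adds no extra delay.

```python
from dataclasses import dataclass
from itertools import islice
from typing import Iterator, List, Tuple


@dataclass
class Broker:
    # Field names are hypothetical stand-ins for the node's broker properties.
    name: str
    enabled: bool
    retries: int            # "Connection Retries"
    retry_interval: float   # "Connection Retry Interval", in seconds


def attempt_schedule(b1: Broker, b2: Broker) -> Iterator[Tuple[str, float]]:
    """Yield (broker name, delay before the attempt) while every attempt fails.

    Assumptions: one initial attempt plus `retries` retries per broker, and
    no added delay when switching from one broker to the other.
    """
    active = [b for b in (b1, b2) if b.enabled]   # Broker 1 first when enabled
    if not active:
        return                                    # no brokers: no attempts
    first = True
    while True:                                   # repeats indefinitely
        for broker in active:
            # Zero delay only at start-up or when switching brokers; a single
            # enabled broker keeps waiting its own interval between attempts.
            immediate = first or len(active) > 1
            yield broker.name, (0.0 if immediate else broker.retry_interval)
            first = False
            for _ in range(broker.retries):
                yield broker.name, broker.retry_interval


def first_attempts(b1: Broker, b2: Broker, n: int) -> List[Tuple[str, float]]:
    """Bounded view of the otherwise endless schedule."""
    return list(islice(attempt_schedule(b1, b2), n))


if __name__ == "__main__":
    # Constructed sample settings, not taken from a real deployment.
    primary = Broker("Broker 1", True, retries=2, retry_interval=5.0)
    backup = Broker("Broker 2", True, retries=1, retry_interval=10.0)
    for name, delay in first_attempts(primary, backup, 7):
        print(f"wait {delay:4.1f}s -> connect to {name}")
```

With both brokers misconfigured, the schedule never ends, which is why one wrong TLS setting can present as an endless alternation between the two brokers in the logs.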
...