...
Broker Configuration - SSL/TLS Tab
TLS can be enabled or disabled depending on your broker requirements. 
Secure Connections
By default, the Use a secure connection is selected enabling configuration of TLS options. For non-production environments, the Do not use a secure connection option can be used for testing.
TLS version 1.2 is the default.
AUTOSOL Bridge currently provides three options for TLS. The options are visible when Enable SSL/TLS is checkedwhen Use a secure connection is selected.
CA signed Server Certificate
CA Certificate file
Self Signed Certificates
1. CA Signed Server Certificate
CA signed server certificate works when there is already a CA certificate uploaded server side(broker) and if the same is used for client authentication. There is no need to upload any certificate here.
2. CA Certificate file
The CA certificate used in server side (broker) should be used here and must be in PEM format. Intermediate certificates can also be used here but they must be combined into a single bundle in PEM format.
...
3. Self Signed Certificates
This option is used when mutual authentication is needed on both server and client side. The CA certificate which is used on server side (broker) is used to sign the client certificate. The Certificate and Keys must be uploaded in PEM format. A private key password can also be provided if the client certificate is password protected.
...