TLS client certificates for MQTT pubsub client

Hi all,

I’m working on an IoT project at the moment, using MQTT broker to securely communicate. My current code uses client certificates to authenticate to MQTT, and I’m generating these using OpenSSL commands before importing them into the code to upload to the IoT device (using a WeMos D1 esp8266 currently).

I’ve used (GitHub - tsi-software/Secure_ESP8266_MQTT_poc: Secure ESP8266 MQTT proof of concept) as the basis so far.

I’ve been looking for code that will allow me to get the device to generate a private key, then prepare a CSR.

I can then handle the upload of the CSR, the signing and the subsequent download of its public key. This would then all be stored in SPIFFS on the device for future use.

Any pointers to something that will do the key generation and CSR please? I’ve been searching for a week but I’m obviously using the wrong keywords.

Thanks
Dan

No responses, guess I'll have to create my own :slight_smile: