Native MQTT API (Deprecated)¶
Native MQTT API is deprecated. It is recommended to use MindConnect MQTT API instead.
The Native MQTT API provides functionality for applications to manage the certificates for securely connecting the MQTT agents. With appropriate authentication, the API can be easily integrated into applications hosted in an enterprise system or likewise.
For further information about the Native MQTT Sync API, refer to the Native MQTT API specification.
The MindConnect MQTT Service is currently available in regions Europe 1 and Europe 2.
For accessing this service, your application or service needs to have the respective roles listed in Native MQTT roles and scopes.
All MQTT-based devices which want to connect with Insights Hub need to authenticate themselves by a unique certificate identity.
The user needs to get the registration code to use it as the common name of the verification certificate.
For Insights Hub to make sure that the certificate uploader also possesses the corresponding private key, the user needs to prove the possession of the private key by issuing a verification certificate with the common name provided by Insights Hub using the private key.
Auto-Generated Agent Certificate¶
The MQTT agent needs to authenticate with an agent certificate. MindConnect MQTT agents can request auto-generated agent certificate using the 'create auto-generated agent certificate' endpoint. It is available in the region Europe 1.
The MindConnect MQTT exposes its API for realizing the following:
- Upload a new CA certificate
- Get the uploaded CA certificates
- Get the CA Certificate with id
- Delete the CA certificate by id
- Verify existing CA certificate
- Get a CA certificate's registration code
Following tasks are currently available in the region Europe 1:
- Create auto-generated agent certificate
- Get auto-generated agent certificates
- Get auto-Generated Agent Certificate with id
- Delete auto-Generated Agent Certificate by id
- Maximum 2 CA certificates per environment can be uploaded.
The ACME company has an IT department regulating the security of the enterprise. The security system manages the issuing of the device certificates using an enterprise application. This system has authorized the administrators to upload the CA and verification certificates using these APIs. This application issues the device certificates to OT users when they want to connect the device.
Except where otherwise noted, content on this site is licensed under the Development License Agreement.