Skip to content

Managing CA Certificates using UI


MQTT agents which want to interact with your environment need to authenticate themselves by a unique certificate identity.

You can upload up to two X.509 based public certificates to Insights Hub. The MQTT agent needs to authenticate with an agent certificate.


Registering CA Certificate

  1. Login to your environment.


    The MindConnect MQTT API Services are currently available in regions EU1 and Rancher.

  2. Launch the "Asset Manager" application from the Launchpad.


  3. Go to "Manage MQTT Certificates" under "Connectivity".


  4. Click "Get a new Certificate".


  5. Click "Upload CA Certificate".


  6. Upload Public Certificate.


    • Provide a name for your CA certificate.


    • Obtain a CA certificate and upload it. The CA certificate can also be self-signed. To create a self-signed CA certificate, the steps are provided within the user interface. Click on the (?) symbol to see the details of the steps. Each line indicates a command to be executed in the sequence desired. Copy the step and paste it into a terminal and provide appropriate information by replacing with an appropriate value. For example, set TENANT=” should result into, set TENANT=tenantName. Alternatively, this can be copied into a file and executed sequentially.


    • After the second step, your registration code will be generated automatically. Note that, you may have to wait for a few seconds for the code to be generated. This code is required for creating a verification certificate.


    • Generate a verification certificate based on your CA certificate and the Registration Code and upload it. Click on the (?) symbol to see the details of the steps to create a verification certificate. Execute these steps as you have done earlier.


  7. If the uploaded verification certificate is correct, the certificate upload process is completed. Next, you can start issuing device certificates. CA Certificate is listed in "Own certificates".


Last update: March 5, 2024

Except where otherwise noted, content on this site is licensed under the Development License Agreement.