adding tls configuration

.mosquitto/mosquitto.conf

@@ -1,2 +1,12 @@
+# https://mosquitto.org/man/mosquitto-conf-5.html
 allow_anonymous false
 password_file /etc/mosquitto/passwd
+
+# TLS
+# False for testing purposes
+require_certificate false
+certfile /mosquitto/certs/server.crt
+keyfile /mosquitto/certs/server.key
+cafile /mosquitto/certs/ca.crt
+
+autosave_interval 1800

README.md

@@ -3,6 +3,9 @@
 Learning MQTT with Golang by doing. This repo is a simple example of using a Golang application as a client (pub & sub) of an MQTT broker.
 
 
+8088, Management Center unsecured (opening the port on the internet is not recommended).
+1883, Eclipse Mosquitto unsecured (opening the port on the internet is not recommended).
+
 ## Development
 
 For local development we use [Mosquitto](https://mosquitto.org/) as our MQTT broker, with TLS enabled. 
@@ -30,3 +33,16 @@ make stop-dev
 ## Usage
 
 *Instructions TBD*
+
+
+## Resources:
+
+- [Mosquitto Docs](https://mosquitto.org/man/mosquitto-8.html)
+- [Mosquitto TLS Tutorial](https://cedalo.com/blog/mqtt-tls-configuration-guide/)
+- [Golang MQTT Tutorial]()
+- [MQTT as a Service](https://cedalo.com/mqtt-broker-pro-mosquitto/)
+- [Using Wireshare for MQTT Analysis](https://cedalo.com/blog/wireshark-mqtt-guide/)
+- [Caddy as reverse proxy](https://github.com/caddyserver/caddy)
+- [Using Python paho MQTT client with TLS](https://cedalo.com/blog/configuring-paho-mqtt-python-client-with-examples/)
+- [ESP32 Micropython MQTT with TLS](https://dev.to/bassparanoya/esp32-micropython-mqtt-tls-28fd): Note cert file format for uPy MQTT client needs to be in .der format which is a binary format.
+- [TLS refresher](http://www.steves-internet-guide.com/ssl-certificates-explained/)

docker-compose.yaml

@@ -12,3 +12,4 @@ services:
     volumes:
       - ./.mosquitto:/etc/mosquitto
       - ./.mosquitto/mosquitto.conf:/mosquitto/config/mosquitto.conf
+      - ./.mosquitto/certs:/mosquitto/certs