I’m using Letsencrypt certificates for MQTT TLS, and it works great, however I’m a little confused about the use of
chain.pem as a CA certificate.
In this post;
@schoen says that the
cacert.pem so I’ve used chain.pem as the CA Certificate in the TLS configuration.
However, others have advised that root certificate verification should be provided via Debian’s trusted root cert list, such as
DST_Root_CA_X3.pem and not
Could anyone advise the pro’s & con’s of those two certificates please?