Obtaining Trusted root CA certificates

NiekBeijloos · April 15, 2019, 9:36am

Dear readers,

I am trying to accomplish a TLS connection using the MQTT protocol. What I need are the following certificates:

Client certificate
Client private key
Trusted root CA certificates

All these files must be in .PEM format. According to my server domain it supports the CA-certificate from letsencrypt. How can I obtain this CA-certificate and can the Client certificate and Private key be derived from this CA certificate?

Hope someone can give me some clarity.

Thank you all in advance.

Kind regards,
Niek

danb35 · April 15, 2019, 10:19am

The private key can never be derived from the certificate–that the point of public-key encryption. Let’s Encrypt issues server certificates, but not client certificates. To get a server cert, start with:

stevenzhu · April 15, 2019, 3:19pm

Certificates that are issued by Let's Encrypt does contain "Client Authentication (1.3.6.1.5.5.7.3.2)", which could be used by the OP to satisfy his need.
However, this might not be what the OP need because trusting a public trusted root certificate allows all clients who hold a certificate issued by Let's Encrypt connects to that server.

Thank you

system · May 15, 2019, 3:19pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to get certificate of certification authority? Help	9	22920	December 4, 2016
Getting Started Server	4	883	October 17, 2018
SSL Certificate RSA Private Key SSL CA Certificate (Trusted Authority / "CA Bundle") Help	3	3105	September 6, 2018
How do i get my cert keys Server	2	783	September 30, 2018
Letsencrypt chain.pem or trusted root list cert? Help	20	7042	December 9, 2019

Obtaining Trusted root CA certificates

Related topics