Obtaining Trusted root CA certificates

Dear readers,

I am trying to accomplish a TLS connection using the MQTT protocol. What I need are the following certificates:

  • Client certificate

  • Client private key

  • Trusted root CA certificates

All these files must be in .PEM format. According to my server domain it supports the CA-certificate from letsencrypt. How can I obtain this CA-certificate and can the Client certificate and Private key be derived from this CA certificate?

Hope someone can give me some clarity.

Thank you all in advance.

Kind regards,
Niek

The private key can never be derived from the certificate–that the point of public-key encryption. Let’s Encrypt issues server certificates, but not client certificates. To get a server cert, start with:

Certificates that are issued by Let's Encrypt does contain "Client Authentication (1.3.6.1.5.5.7.3.2)", which could be used by the OP to satisfy his need.
However, this might not be what the OP need because trusting a public trusted root certificate allows all clients who hold a certificate issued by Let's Encrypt connects to that server.

Thank you

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.