Broker usage of CA and crt files?

  • I want to use my own CA/certs for our Open Broker.


    Before I replace the files in /dxlbroker-volume/keystore, I want to make sure I understand how they're being used.


    Does anyone know what the following files are used for?

    • broker.crt + broker.key
    • ca-broker.crt + ca-broker.key
    • ca-client.crt + ca-client.key
  • The files listed are used to authenticate certificates for broker-to-broker and client-to-broker communication.


    ca-broker.crt 
    ca-broker.key

    Certificate Authority used by clients and brokers to authenticate a broker's certificate. On clients, this file is typically named ca-bundle.crt
    broker.crt
    broker.key
    The certificate/key pair for this broker. (Clients and other brokers authenticate this certificate using their copy of the broker CA).
    ca-client.crt
    ca-client.key
    Certificate Authority used by brokers to authenticate a client's certificate.