In my last article, I showed how we could build an IoT app without the Internet. It's a good exercise when you want to get started or do Rapid Prototyping without having any dependency on the Internet. One question that is always asked by the people evaluating the proof of concepts, is regarding Security. How have you secured your solution ? Most of the customers’ concerns when they are contemplating to introduce IoT into their business or product line are related to security. Be it device security or network security, having it on scale is very important. I would not go into much detail into that as it's a long topic.
In this article, I will showcase how we could secure our IoT network by enabling security into the MQTT broker and build a secure channel between the client and broker communication. One can use this when building PoCs or demos for clients or self-learning.
Network Security using Transport Level Security(TLS)
Transport Level Security(TLS) is the most common method by which secure network communication happens. I would not go into detail how TLS works, but I would demonstrate how we could configure TLS in our Local IoT application I showed you in my previous article.
Here is what I will do.
- Create a Local Certificate authority
