Now, we want to require each MQTT client to provide a valid certificate to establish a connection with the MQTT server. This way, only clients that have a valid certificate will be able to publish or subscribe to topics. We will use the previously created private certificate authority to create client certificates for authentication.
We will generate a sample certificate for our local computer that will act as a client. We can follow the same procedure to generate additional certificates for additional devices that we want to connect to the Mosquitto server. We just need to use a different name for the file and use a different device name in the corresponding option.