Hive Mq Cloud with certificates

Hi Everybody, I am new of this forum.
I am trying to use the HiveMQ Cloud broker with some devices.
Most all of them work ok with credential and TLS and no certificate (as required by the HiveMQ Cloud free account).
I have a couple of them who do not accept the missing of the certificate while selecting the SSL/TLS option.
Is there any way to get at least the HiveMQ CA file to allow the working even with these devices strictly willing (in case SSL/TLS is selected) to have the certificate file?
Thanks for your help,
Andrew

Hi @anmabi84

Welcome to the HiveMQ Community Forum and thank you for your patience.
Check out our HiveMQ Cloud FAQ post. It contains a tutorial to create a server certificate.

Best,
Florian

Also the Mosquitto CLI documentation has a link to the CA used for the Cloud broker.
https://console.hivemq.cloud/clients/mosquitto-cli?uuid=3a574b52dc014c57ad4586a7b8402589

Hi Fraschbi,
I tried for some weeks to sort this out using the command openssl s_client -connect 4ad85b7fade04d07911be2ac1da2f5e4.s2.eu.hivemq.cloud:8883 -showcerts < /dev/null 2> /dev/null | sed -n ‘/BEGIN/,/END/p’ > server.pem but I was unsuccessfull.
I am currently getting the error “Impossible to find the defined root”.
I am sure I am getting wrong some of the fields but I cannot sort this out.
Could you help me on this creating the CA file as done in this old topic?

I would ask you to set as ending date of the certificate 1/1/2040. In fact my main issue in this moment is that I have a working file (https://letsencrypt.org/certs/trustid-x3-root.pem) but this will elapse on Septmber 2021 making my whole system unusable.
Obvioulsy If you could explain me the exact typing to be used in my OPENSSL command that would be even better.

Thanks for your help and assistance on this matter.