Setting up a secure connection via the MQTT protocol

The procedure for setting up a secure connection between the Mosquitto broker and a client using the MQTT protocol is described below. Any device with the MQTT library can act as a client.

To configure SSL encryption, you need to make changes to the broker configuration file mosquitto.conf (by default /etc/mosquitto/mosquitto.conf):

Open the configuration file using the following command:
```
$sudo nano /etc/mosquitto/conf.d/mosquitto.conf
```

Add the following parameter section to the configuration file:

. . .
listener 1883 localhost

listener 8883
certfile /etc/encryption/cert.pem
cafile /etc/ encryption /chain.pem
keyfile /etc/ encryption /privkey.pem

Make sure there is a blank line at the end of the file.
Close the file and save your changes.
Restart Mosquitto to update the configuration:
```
$sudo systemctl restart mosquitto
```
Update the firewall to allow connections to port 8883:
```
$sudo ufw allow 8883
```