Using the same ssl certificate for multiple components

lukilukeskywalker
Posts: 21
Joined: Wed Feb 22, 2023 4:25 pm

Using the same ssl certificate for multiple components

Postby lukilukeskywalker » Thu Jun 01, 2023 10:24 am

Maybe it is some kind of a stupid question, but I was just wondering if we can use the private keys and public keys in multiple components, for example for a https connection and a MQTT client with a secure connection.
Also, when is it and is not recommended to use a secure connection? I mean, having a secure connection adds some overhead to the whole connection, and makes the whole http / mqtt connection slower

MicroController
Posts: 1136
Joined: Mon Oct 17, 2022 7:38 pm
Location: Europe, Germany

Re: Using the same ssl certificate for multiple components

Postby MicroController » Thu Jun 01, 2023 12:54 pm

lukilukeskywalker wrote:
Thu Jun 01, 2023 10:24 am
Also, when is it and is not recommended to use a secure connection? I mean, having a secure connection adds some overhead to the whole connection, and makes the whole http / mqtt connection slower
That's (almost) completely up to you to decide. You want/need communcation protected against eavesdropping and manipulation? You communicate over an open network like the internet? You can afford the overhead mainly during connection setup? Go TLS!
You're really short on RAM, energy, or bandwidth/latency? Non-TLS connections may help a little.
If the other side requires you to authenticate via certificate or use TLS you have no choice anyway.
Notice that TLS overhead occurs almost exclusively during connection setup (key exchange,...). (Except maybe for some RAM usage.) So the longer you keep using an existing connection and the less new connections you make, the lower the relative overhead becomes.

(In the olden days you'd sometimes see "mixed" HTML pages on the web, where e.g. the HTML/text/data was retrieved via HTTPS while static images in the page were just HTTP to minimize the number of HTTPS requests/data. Mostly ok privacy-wise but a security risk.)

Who is online

Users browsing this forum: cdollar and 108 guests