> For the complete documentation index, see [llms.txt](https://docs.yudash.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.yudash.com/device-to-cloud-api/cloud-protocols/ssl-tls.md).
# SSL/TLS
YuDash IoT gateways supports SSL/TLS secure communication for MQTT and HTTP protocol.
Following are typical steps to enable SSL/TLS security layer
1. Enable TLS/SSL within the cloud protocol settings.
2. Change the server port for TLS/SSL communication.
3. Upload server CA certificate in the IoT device.
{% hint style="info" %}
This documentation explains the TLS for CA signed server, which require a single pem file. For self signed TLS (involving pem, crt and key), refer to this [documentation](/device-to-cloud-api/cloud-protocols/ssl-tls/selfsigned.md).
{% endhint %}
### **SSL/TLS for MQTT**
1\) Enable "SSL/TLS" radio button in **MQTT Secure Layer**. Change the **MQTT port** pertaining to secure layer of server. This is typically 8883 for MQTT.
2\) Upload server CA certificate to IoT device. First, **Choose File** and select the .pem file from local computer. Then, click on **Load SSL/TLS File** which will load the file in the browser. Finally, click on **Write SSL/TLS file**, which will write the the file into the IoT device.
3\) Following message is shown when CA certificate file is written successfully.
{% hint style="info" %}
By default, the CA certificate for MQTT protocol is stored as file name /assets/mqtt\_cacert.pem within the YuDash IoT device.
{% endhint %}
### **SSL/TLS for HTTP**
1\) Enable "SSL/TLS" radio button in **HTTP Secure Layer**. Change the **HTTP port** pertaining to secure layer of server. This is typically 443 for HTTP
2\) Upload server CA certificate to IoT device. First, **Choose File** and select the .pem file from local computer. Then, click on **Load SSL/TLS File** which will load the file in the browser. Finally, click on **Write SSL/TLS file**, which will write the the file into the IoT device.
3\) Following message is shown when CA certificate is written successfully.
{% hint style="info" %}
By default, the CA certificate for HTTP protocol is stored as file name /assets/http\_cacert.pem within the YuDash IoT device.
{% endhint %}
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:
```
GET https://docs.yudash.com/device-to-cloud-api/cloud-protocols/ssl-tls.md?ask=&goal=
```
`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.