[CIT-620] Modify certificate configuration for external MQTT access (#515)

* Add conditional configuration to enable or disable external mqtt
certificates
* Add a quick tutorial how to use external settings

Signed-off-by: Lukasz Woznicki <lukasz.woznicki@softwareag.com>

1 files changed, 6 insertions, 3 deletions

diff --git a/tedge_config/src/settings.rs b/tedge_config/src/settings.rs
index d8f8c206..e5cea255 100644
--- a/tedge_config/src/settings.rs
+++ b/tedge_config/src/settings.rs
@@ -210,7 +210,8 @@ impl ConfigSetting for MqttExternalCAPathSetting {
     const DESCRIPTION: &'static str = concat!(
         "Path to a file containing the PEM encoded CA certificates ",
         "that are trusted when checking incoming client certificates. ",
-        "Example: /etc/ssl/certs"
+        "Example: /etc/ssl/certs",
+        "Note: If the capath is not set, then no certificates are required for the external connections."
     );
 
     type Value = FilePath;
@@ -224,7 +225,8 @@ impl ConfigSetting for MqttExternalCertfileSetting {
 
     const DESCRIPTION: &'static str = concat!(
         "Path to the certificate file, which is used by external MQTT listener",
-        "Example: /etc/tedge/device-certs/tedge-certificate.pem"
+        "Example: /etc/tedge/device-certs/tedge-certificate.pem",
+        "Note: This setting shall be used together with `mqtt.external.keyfile` for external connections."
     );
 
     type Value = FilePath;
@@ -238,7 +240,8 @@ impl ConfigSetting for MqttExternalKeyfileSetting {
 
     const DESCRIPTION: &'static str = concat!(
         "Path to the private key file, which is used by external MQTT listener",
-        "Example: /etc/tedge/device-certs/tedge-private-key.pem"
+        "Example: /etc/tedge/device-certs/tedge-private-key.pem",
+        "Note: This setting shall be used together with `mqtt.external.certfile` for external connections."
     );
 
     type Value = FilePath;