Users can connect to a TDMQ for MQTT cluster through a custom domain name. This approach has several advantages:
Brand consistency: the MQTT access point handed to your customers carries your own domain name rather than the provider's.
Backend cluster migration by changing DNS resolution alone, leaving the access point that clients connect to unchanged.
Reuse of existing corporate PKI facilities.
Configuring an instance to use a custom domain name includes the following steps:
1. Upload a server certificate to SSL Certificate Service.
2. Configure server certificate pairs and trust certificates for the MQTT instance.
3. Create a DNS record.
Uploading Certificate Pairs and Trust Certificates to SSL Certificate Service
To support routine certificate rotation and expiration reminders without affecting business continuity, an MQTT instance can only be configured with certificates managed by SSL Certificate Service.
Certificate Requirements
1. The server certificate (end-entity certificate) must include the X.509 v3 Extended Key Usage extension, and that extension must contain serverAuth (TLS Web Server Authentication) as specified in RFC 5280. The certificate should also include the necessary Subject Alternative Name (SAN) extension and Common Name (CN). A certificate issued by a CA normally includes these extensions.
Note: Major browsers, such as Chrome 58 and later, have deprecated CN matching. When secure WebSocket (WSS) is used as the MQTT transport layer, make sure the certificate carries the SAN extension and the serverAuth value.
2. The certificate chain can contain up to 5 certificates.
3. The certificate chain file does not exceed 16 KiB.
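As an added pre-upload check that is not part of this documentation, the following Python script (which assumes the `cryptography` package is installed) verifies a PEM chain file against the requirements above: serverAuth in the Extended Key Usage, a SAN dNSName covering the custom domain (wildcard names handled), at most 5 certificates and at most 16 KiB. `make_self_signed` only produces a constructed self-signed certificate for exercising the check; it is not a substitute for a CA-issued one.

```python
import datetime
import re
from cryptography import x509
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import ExtendedKeyUsageOID, ExtensionOID, NameOID

MAX_CHAIN_CERTS, MAX_CHAIN_BYTES = 5, 16 * 1024  # limits stated in the requirements above
PEM_CERT = re.compile(rb"-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----", re.S)

def dns_name_matches(pattern: str, hostname: str) -> bool:
    """Exact (case-insensitive) match, or a '*.' wildcard covering exactly one leftmost label."""
    p, h = pattern.lower(), hostname.lower()
    return (h.split(".", 1)[1:] == [p[2:]]) if p.startswith("*.") else p == h

def check_chain(pem: bytes, hostname: str) -> list:
    """Return the list of violations; an empty list means the chain can be uploaded."""
    problems = []
    if len(pem) > MAX_CHAIN_BYTES:
        problems.append(f"chain file is {len(pem)} bytes, limit is {MAX_CHAIN_BYTES}")
    certs = [x509.load_pem_x509_certificate(m.group(0)) for m in PEM_CERT.finditer(pem)]
    if not certs:
        return problems + ["no PEM certificate block found"]
    if len(certs) > MAX_CHAIN_CERTS:
        problems.append(f"chain has {len(certs)} certificates, limit is {MAX_CHAIN_CERTS}")
    leaf = certs[0]  # the server (end-entity) certificate comes first in the chain file
    exts = {e.oid: e.value for e in leaf.extensions}
    eku = exts.get(ExtensionOID.EXTENDED_KEY_USAGE)
    if eku is None or ExtendedKeyUsageOID.SERVER_AUTH not in eku:
        problems.append("Extended Key Usage must be present and contain serverAuth")
    san = exts.get(ExtensionOID.SUBJECT_ALTERNATIVE_NAME)
    names = san.get_values_for_type(x509.DNSName) if san else []
    if not any(dns_name_matches(n, hostname) for n in names):
        problems.append(f"no SAN dNSName covers {hostname} (CN alone is not enough for WSS clients)")
    return problems

def make_self_signed(hostname: str, san: bool = True, server_auth: bool = True) -> bytes:
    """Constructed self-signed test certificate (hypothetical, not CA-issued) as a PEM chain."""
    key = ec.generate_private_key(ec.SECP256R1())
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, hostname)])
    now = datetime.datetime.now(datetime.timezone.utc)
    builder = (x509.CertificateBuilder().subject_name(name).issuer_name(name)
               .public_key(key.public_key()).serial_number(x509.random_serial_number())
               .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=1)))
    if san:
        builder = builder.add_extension(x509.SubjectAlternativeName([x509.DNSName(hostname)]), critical=False)
    if server_auth:
        builder = builder.add_extension(x509.ExtendedKeyUsage([ExtendedKeyUsageOID.SERVER_AUTH]), critical=False)
    return builder.sign(key, hashes.SHA256()).public_bytes(serialization.Encoding.PEM)
```

Run `check_chain(open("chain.pem", "rb").read(), "mqtt-abc.company.com")` on the file you intend to upload; an empty list means every requirement listed above is met.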
Certificate Upload, Management, and Purchase
Configuring Certificates and Trust Certificates for the MQTT Instance
In the MQTT console, on the Cluster page, switch to the Authentication Management/X.509 Certificate Management page:
Choose the appropriate authentication mode based on whether client certificate verification is required.
One-way authentication: Client certificate verification is not performed.
Two-way authentication: Client certificate verification is performed.
Assume the Subject Alternative Name of the selected server certificate contains the following domain name: mqtt-abc.company.com.
Creating a DNS Record
Refer to DNS - CNAME Record to create a CNAME record that resolves mqtt-abc.company.com to the domain name provided by the instance's access point: mqtt-xxx-sh-public.mqtt.tencenttdmq.com.
The instance can then be accessed via mqtt-abc.company.com.