Amazon MQ / active mqtt - MQTTS without client certificate?


I'm using amazon MQ as an MQTT broker with my node-red application.
Amazon MQ doesn't support Client Certificate Authentication and uses credentials stored in the LDAP server for tls.


  1. What are the implications of not using a client certificate?
  2. Is it enough to use LDAP for client authentication?
  3. Any other cloud MQTT providers that support client certificate authentication?