There is a more comprehensive example of a full TLS configuration for MQTT elsewhere on the forum so you should do some more searching for that.
If using self-generated certs, make sure you turn off certificate checks unless you have done ALL of the steps required and provided the full-chain certificate and not just the server cert. since that is the only way that the client will have of checking that the certificate is valid.
Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
The OpenJS Foundation | Terms of Use | Privacy Policy | OpenJS Foundation Bylaws | Trademark Policy | Trademark List | Cookie Policy