emqx4.3/apps/emqx/etc/ssl_dist.conf

%% This additional config file is used when the config 'cluster.proto_dist' in emqx.conf is set to 'inet_tls'.
%% Which means the EMQX nodes will connect to each other over TLS.
%% For more information about inter-broker security, see: https://docs.emqx.com/en/enterprise/v5.3/deploy/cluster/security.html

%% For more information in technical details see: http://erlang.org/doc/apps/ssl/ssl_distribution.html

[{server,
  [
  %{log_level, debug}, %% NOTE: debug level logging impacts performance, and need to set EMQX logging level to 'debug'
   {certfile, "{{ platform_etc_dir }}/certs/cert.pem"},
   {keyfile, "{{ platform_etc_dir }}/certs/key.pem"},
   {cacertfile, "{{ platform_etc_dir }}/certs/cacert.pem"},
   {verify, verify_none}
  ]},
 {client,
  [
   {verify, verify_none}
  ]}].