From 54926d3843ab0c0915ed0a37cdf4a284003749a8 Mon Sep 17 00:00:00 2001
From: h2zero <32826625+h2zero@users.noreply.github.com>
Date: Wed, 17 Jan 2024 16:27:07 -0700
Subject: [PATCH] Add documentation for MQTT X.509 client certificates. (#3387)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: h2zero <powellperalata@gmail.com>
Co-authored-by: H. Árkosi Róbert <robreg@zsurob.hu>
Co-authored-by: Jesse Hills <3060199+jesserockz@users.noreply.github.com>
---
 components/mqtt.rst | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/components/mqtt.rst b/components/mqtt.rst
index d1d901eef..8187cc3a0 100644
--- a/components/mqtt.rst
+++ b/components/mqtt.rst
@@ -81,6 +81,8 @@ Configuration variables:
   for verifying SSL connections. See :ref:`mqtt-ssl_fingerprints`.
   for more information.
 - **certificate_authority** (*Optional*, string): Only with ``esp-idf``. CA certificate in PEM format. See :ref:`mqtt-tls-idf` for more information
+- **client_certificate** (*Optional*, string): Only on ``esp32``. Client certificate in PEM format.
+- **client_certificate_key** (*Optional*, string): Only on ``esp32``. Client private key in PEM format.
 - **skip_cert_cn_check** (*Optional*, bool): Only with ``esp-idf``. Don't verify if the common name in the server certificate matches the value of ``broker``.
 - **idf_send_async** (*Optional*, bool): Only with ``esp-idf``. If true publishing the message happens from the internal mqtt task. The client only enqueues the message. Defaults to ``false``.
   The advantage of asyncronous publishing is that it doesn't block the esphome main thread. The disadvantage is a delay (up to 1-2 seconds) until the messages are actually sent out.