Mosquitto library uses certificates and keys for connection, this is great. But as far as I see it requires paths to the respective files. This means the security data is stored in the file system. This means if system is stolen and booted, these certificates/keys can be also stolen, even if they are located on encrypted volume (which must be mounted to provide access for
What are the recommended options to protect certificate/key data if system is stolen? Apart from setting user password/restricting console usage? Any way supplying security data to the mosquitto client library without file system in the middle?