Mosquitto on Home Assistant: Bridge to remote MQTT broker using CA signed server certificate

Question

How can Mosquitto (The version integrated into Home Assistant) be configured to connect as Bridge to a remote broker using only the "CA signed server certificate" option (like MQTT.fx does) with a Let's encrypt certificate?

Eg http://mqttfx.jensd.de/ has this option in the connection settings and the connection to the broker works fine:

The configuration looks like this:

connection bridge-01
 log_type all
 require_certificate false
 cleansession true
 try_private true
 bridge_protocol_version mqttv311
 bridge_insecure false
 bridge_cafile /etc/ssl/letsencrypt.crt
 address mycompany.com:8883
 remote_clientdid raspi_test
 remote_username raspi
 remote_password password
 topic # out 0

Just as hints:

• Adding the Let's Encrypt root certificate or Let's Encrypt Authority X3 certificate ( https://letsencrypt.org/certificates/ ) as bridge_cafile fails with a certificate validation error or with socket error on client raspi.local... .
• Home assistant is run on a Raspberry Pi 4 (Just for completeness reasons)
• Mqtt broker version is Mosquitto 5.1 (Home assistant plugin)
• The connection (clientid, username and password) is ok, works with MQTT.fx

Answer 1

Using bridge_capath /etc/ssl/certs/ instead of bridge_cafile /etc/ssl/letsencrypt.crt worked for us.

There are already a lot of pre-installed trusted certificates and the added ones (Let's Encrypt root certificate or Let's Encrypt Authority X3 certificate) in the folder.

A good link to another question explaining this (also it didn't help me), is bridge local mosquitto to cloud broker .