clarification on instructions, adding to toc

docs/plugins/cert.md

@@ -1,6 +1,13 @@
-
 # Authentication Using Signed Certificates
 
+Using client-specific certificates, signed by a common authority (even if self-signed) provides
+a highly secure way of authenticating mqtt clients. Often used with IoT devices where a unique
+certificate can be initialized on initial provisioning.
+
+With so many options, X509 certificates can be daunting to create with `openssl`. Included are 
+command line utilities to generate a root self-signed certificate and then the proper broker and
+device certificates with the correct X509 attributes to enable authenticity. 
+
 ### Quick start
 
 Generate a self-signed root credentials and server credentials:

docs/plugins/contrib.md

@@ -17,3 +17,12 @@ These are fully supported plugins but require additional dependencies to be inst
 - [HTTP Auth](http.md)<br/>
   Determine client authentication and authorization based on response from a separate HTTP server.<br/>
   `amqtt.contrib.http.HttpAuthTopicPlugin`
+
+- [Certificate Auth](cert.md)<br/>
+  Using client-specific certificates, signed by a common authority (even if self-signed) provides
+   a highly secure way of authenticating mqtt clients. Often used with IoT devices where a unique
+   certificate can be initialized on initial provisioning. Includes command line utilities to generate
+   root, broker and device certificates with the correct X509 attributes to enable authenticity.
+
+   `amqtt.contrib.cert.CertificateAuthPlugin.Config`
+

mkdocs.rtd.yml

@@ -44,6 +44,7 @@ nav:
             - plugins/contrib.md
             - Database Auth: plugins/auth_db.md
             - HTTP Auth: plugins/http.md
+            - Certificate Auth: plugins/cert.md
       - Configuration:
           - Broker: references/broker_config.md
           - Client: references/client_config.md