diff --git a/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/config/IotGatewayProperties.java b/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/config/IotGatewayProperties.java
index 461698c46c..ad7e69b911 100644
--- a/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/config/IotGatewayProperties.java
+++ b/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/config/IotGatewayProperties.java
@@ -98,6 +98,21 @@ public class IotGatewayProperties {
          */
         private Integer serverPort;
 
+        /**
+         * 是否开启 SSL
+         */
+        @NotNull(message = "是否开启 SSL 不能为空")
+        private Boolean sslEnabled = false;
+
+        /**
+         * SSL 证书路径
+         */
+        private String sslKeyPath;
+        /**
+         * SSL 证书路径
+         */
+        private String sslCertPath;
+
     }
 
     @Data
diff --git a/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/emqx/IotEmqxAuthEventProtocol.java b/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/emqx/IotEmqxAuthEventProtocol.java
index 059479b89d..a44d9fb9df 100644
--- a/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/emqx/IotEmqxAuthEventProtocol.java
+++ b/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/emqx/IotEmqxAuthEventProtocol.java
@@ -70,6 +70,7 @@ public class IotEmqxAuthEventProtocol {
         IotEmqxAuthEventHandler handler = new IotEmqxAuthEventHandler(serverId);
         router.post(IotMqttTopicUtils.MQTT_AUTH_PATH).handler(handler::handleAuth);
         router.post(IotMqttTopicUtils.MQTT_EVENT_PATH).handler(handler::handleEvent);
+        // TODO @haohao：/mqtt/acl 需要处理么？
 
         // 3. 启动 HTTP 服务器
         try {
diff --git a/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/emqx/IotEmqxUpstreamProtocol.java b/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/emqx/IotEmqxUpstreamProtocol.java
index 9e6631af64..dee9cc083d 100644
--- a/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/emqx/IotEmqxUpstreamProtocol.java
+++ b/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/emqx/IotEmqxUpstreamProtocol.java
@@ -127,6 +127,7 @@ public class IotEmqxUpstreamProtocol {
         // 1. 连接 MQTT Broker
         CountDownLatch latch = new CountDownLatch(1);
         AtomicBoolean success = new AtomicBoolean(false);
+        // TODO @haohao：要不要加 MqttClientOptions 参数？1）setCleanSession true；2）setMaxInflightQueue 10000；3）setKeepAliveInterval 60；4）setSsl/setTrustAll
         mqttClient.connect(port, host, connectResult -> {
             if (connectResult.succeeded()) {
                 log.info("[connectMqttSync][MQTT 客户端连接成功, host: {}, port: {}]", host, port);
diff --git a/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/http/IotHttpUpstreamProtocol.java b/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/http/IotHttpUpstreamProtocol.java
index 82d651db80..eda59d13ff 100644
--- a/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/http/IotHttpUpstreamProtocol.java
+++ b/yudao-module-iot/yudao-module-iot-gateway/src/main/java/cn/iocoder/yudao/module/iot/gateway/protocol/http/IotHttpUpstreamProtocol.java
@@ -7,6 +7,8 @@ import cn.iocoder.yudao.module.iot.gateway.protocol.http.router.IotHttpUpstreamH
 import io.vertx.core.AbstractVerticle;
 import io.vertx.core.Vertx;
 import io.vertx.core.http.HttpServer;
+import io.vertx.core.http.HttpServerOptions;
+import io.vertx.core.net.PemKeyCertOptions;
 import io.vertx.ext.web.Router;
 import io.vertx.ext.web.handler.BodyHandler;
 import jakarta.annotation.PostConstruct;
@@ -49,10 +51,17 @@ public class IotHttpUpstreamProtocol extends AbstractVerticle {
         router.post(IotHttpUpstreamHandler.PATH).handler(upstreamHandler);
 
         // 启动 HTTP 服务器
+        HttpServerOptions options = new HttpServerOptions()
+                .setPort(httpProperties.getServerPort());
+        if (Boolean.TRUE.equals(httpProperties.getSslEnabled())) {
+            PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions().setKeyPath(httpProperties.getSslKeyPath())
+                    .setCertPath(httpProperties.getSslCertPath());
+            options = options.setSsl(true).setKeyCertOptions(pemKeyCertOptions);
+        }
         try {
-            httpServer = vertx.createHttpServer()
+            httpServer = vertx.createHttpServer(options)
                     .requestHandler(router)
-                    .listen(httpProperties.getServerPort())
+                    .listen()
                     .result();
             log.info("[start][IoT 网关 HTTP 协议启动成功，端口：{}]", httpProperties.getServerPort());
         } catch (Exception e) {