Hi @gaurav
TLS/SSL has two phases – a certificate-based public key negotiation phase and the data transfer phase using private key crypto like AES. The Spark cloud implements both of these phases by preloading all the Spark cores with the cloud public key and a different core-specific private key for negotiation and then AES for the data security, so the model is similar.
The problem on a Spark with general TLS/SSL is the certificate management. If you take a look at a modern cert in your browser, there are lots and lots of possible algorithms with lots of public key data that would be difficult to handle on the limited resources of the Spark or any micro.
If you could have a strategy like the Spark cloud where you are only using one type of public key crypto to negotiate and only using one type of private key crypto for data encryption, and pre-caching the public key in the firmware, then you could talk to your MQTT host in a way similar to how the Spark cloud works.