Secure connection Mqtt

Hello everyone,
I am a new user, I hope I am not OT.
I would like to ask for some help on mqqt.
For security reasons I created a user and password to connect to my mqqt broker, with a public CA for tls connection, like a website in https, the client downloads the certificate from the server and connects. My question is:
In this case does my password go in cleartext or not?
or for more security is it better to create a ssl certificate for the server and the client, and send the certificate to be configured on the client?
Thanks in advance for your support