Configure Confluent Platform Components to Communicate with MDS over TLS/SSL

This topic describes the Kafka client configuration for Confluent Platform components communicating with MDS over TLS/SSL. These files can be found in your Confluent Platform install server directory in the following locations:

Component Properties file to update
Schema Registry /etc/schema-registry/schema-registry.properties
ksqlDB /etc/ksqldb/ksql-server.properties
Connect /etc/kafka/connect-distributed.properties
Confluent Control Center /etc/confluent-control-center/control-center.properties
REST Proxy /etc/kafka-rest/kafka-rest.properties

Specify the following Kafka client configuration for your component. Any content in brackets (<>) must be customized for your environment.

confluent.metadata.bootstrap.server.urls=https://<MDS-advertised-listener0>:8090,https://<MDS-advertised-listener1>:8090,...
confluent.metadata.http.auth.credentials.provider=BASIC
confluent.metadata.basic.auth.user.info=<username>:<password>
confluent.metadata.ssl.truststore.location=<truststore-location>
confluent.metadata.ssl.truststore.password=<truststore-password>
confluent.metadata.ssl.keystore.location=<keystore-location>
confluent.metadata.ssl.keystore.password=<keystore-password>
confluent.metadata.ssl.key.password=<key-password>
confluent.metadata.ssl.endpoint.identification.algorithm=HTTPS

See also: