Configure Confluent Platform Components to Communicate with MDS over TLS/SSL

This topic describes the Kafka client configuration for Confluent Platform components communicating with MDS over TLS/SSL. These files can be found in your Confluent Platform install server directory in the following locations:

Component	Properties file to update
Schema Registry	/etc/schema-registry/schema-registry.properties
ksqlDB	/etc/ksqldb/ksql-server.properties
Connect	/etc/kafka/connect-distributed.properties
Confluent Control Center (Legacy)	/etc/confluent-control-center/control-center.properties
REST Proxy	/etc/kafka-rest/kafka-rest.properties

Specify the following Kafka client configuration for your component. Any content in brackets (<>) must be customized for your environment.

confluent.metadata.bootstrap.server.urls=https://<MDS-advertised-listener0>:8090,https://<MDS-advertised-listener1>:8090,...
confluent.metadata.http.auth.credentials.provider=BASIC
confluent.metadata.basic.auth.user.info=<username>:<password>
confluent.metadata.ssl.truststore.location=<truststore-location>
confluent.metadata.ssl.truststore.password=<truststore-password>
confluent.metadata.ssl.keystore.location=<keystore-location>
confluent.metadata.ssl.keystore.password=<keystore-password>
confluent.metadata.ssl.key.password=<key-password>
confluent.metadata.ssl.endpoint.identification.algorithm=HTTPS

See also:

• HTTPS Configuration Options

• Metadata Service Configuration Options

• Encrypt and Authenticate with TLS