Configure Confluent Platform Components to Communicate with MDS over TLS

This topic describes the Kafka client configuration for Confluent Platform components to communicate with MDS over TLS. These files can be found in your Confluent Platform install server directory in the following locations:

Component	Properties file to update
Schema Registry	/etc/schema-registry/schema-registry.properties
ksqlDB	/etc/ksqldb/ksql-server.properties
Connect	/etc/kafka/connect-distributed.properties
Confluent Control Center (Legacy)	/etc/confluent-control-center/control-center.properties
REST Proxy	/etc/kafka-rest/kafka-rest.properties

Specify the following Kafka client configuration for your component. Any content in brackets (<>) must be customized for your environment.

confluent.metadata.bootstrap.server.urls=https://<MDS-advertised-listener0>:8090,https://<MDS-advertised-listener1>:8090,...
confluent.metadata.http.auth.credentials.provider=BASIC
confluent.metadata.basic.auth.user.info=<username>:<password>
confluent.metadata.ssl.truststore.location=<truststore-location>
confluent.metadata.ssl.truststore.password=<truststore-password>
confluent.metadata.ssl.keystore.location=<keystore-location>
confluent.metadata.ssl.keystore.password=<keystore-password>
confluent.metadata.ssl.key.password=<key-password>
confluent.metadata.ssl.endpoint.identification.algorithm=HTTPS

See also:

• HTTPS Configuration Options

• Metadata Service Configuration Settings

• Use TLS Authentication in Confluent Platform