Pre-requisites

If your Kafka server has TLS enabled, you can configure the connector with the TLS certificates needed to authenticate with the server. The following shows an example to extract client credentials from a Kafka server's certificates store. This requires the OpenSSL and Keytool commands to be available on the system.

# Extract the certificate authority (CA) certificate file from the server's trust store (in this example kafka.server.truststore.jks) into a file ca.p12
keytool -importkeystore -srckeystore kafka.server.truststore.jks -destkeystore ca.p12 -deststoretype PKCS12

# Extract the CA certificate file in PEM format
openssl pkcs12 -in ca.p12 -nokeys -out ca.cer.pem

# Extract the client's key and certificate from the server's key store (in this example kafka.server.keystore.jks) into a file client.p12
keytool -importkeystore -srckeystore kafka.server.keystore.jks -destkeystore client.p12 -deststoretype PKCS12

# Extract the client certificate file in PEM format
openssl pkcs12 -in client.p12 -nokeys -out client.cer.pem

# Extract the client key file in PEM format
openssl pkcs12 -in client.p12 -nodes -nocerts -out client.key.pem

Kafka configuration parameters

Field Required Description
Name Identifier for the connector. Used when setting up pipelines.
Topic name Name of the topic to ingest messages from.
Client certificate PEM encoded contents of a client certificate to use for TLS authentication.
Client key PEM encoded contents of the client certificate's key during TLS authentication.
CA certificate PEM encoded contents of the Certificate Authority certificate to use during TLS authentication.