Java Producer/Consumer kafka client properties required when accessing a SSL-Auth secured Kafka brokers/cluster?

Question

When we connect to Kafka cluster/kafka, In the java clients we define certain properties -
Example Producer Properties

 Properties props = new Properties();
 props.put("bootstrap.servers", "localhost:9092");
 props.put("acks", "all");
 props.put("retries", 0);
 props.put("batch.size", 16384);
 props.put("linger.ms", 1);
 props.put("buffer.memory", 33554432);
 props.put("key.serializer", "org.apache.kafka.common.serialization.StringSerializer");
 props.put("value.serializer", "org.apache.kafka.common.serialization.StringSerializer");

Example Consumer Properties -

Properties props = new Properties();
props.setProperty("bootstrap.servers", "localhost:9092");
props.setProperty("group.id", "test");
props.setProperty("enable.auto.commit", "true");
props.setProperty("auto.commit.interval.ms", "1000");
props.setProperty("key.deserializer", "org.apache.kafka.common.serialization.StringDeserializer");
props.setProperty("value.deserializer", "org.apache.kafka.common.serialization.StringDeserializer");

Similarly, should any properties (like keystore and truststore path, etc) related to the SSL-Auth be mentioned here when connecting to Kafka Cluster secured with SSL-Auth.
Could someone elaborate and explain how the java client can connect to a secured Kafka cluster.

Ref - Above props have been taken from Kafka docs - kafka producer / kafka consumer

Answer 1

There's a section in the Kafka docs that details how to configure SSL authentication: http://kafka.apache.org/documentation/#security_ssl

In the Configuring Kafka clients section, it lists the required settings:

# For SSL
security.protocol=SSL
ssl.truststore.location=/var/private/ssl/client.truststore.jks
ssl.truststore.password=test1234

# For SSL auth
ssl.keystore.location=/var/private/ssl/client.keystore.jks
ssl.keystore.password=test1234
ssl.key.password=test1234