Self Signed Certs for MQTT Connector with TLS

Question

How to setup Kafka Connect to deploy an MQTT connector with TLS Connection using Self Signed Certificates

Example files

CA.crt: Root Cert with complete ca-chain needed for the connection
User.crt: User certificate
User.key: User key-pair

Answer

First locate the JVM you are using to launch Kafka Connect. If the JVM is the default system’s JVM then JAVA_HOME env will do

Then import the root cert (CA.crt) specific jvm cacerts truststore

keytool -importcert -file /path/to/CA.crt -keystore "${JAVA_HOME}/lib/security/cacerts"

Note: You need to trust the certificate that you import into the default truststore of your JVM. All processes that run in the specific JVM will also trust any cert you import in the default truststore