Retrieving the Kafka broker certificate

To generate a keystore and truststore for the BPMN event emitter, you need the Kafka server certificate.

About this task

To retrieve the Kafka broker certificate, you determine the Kafka broker certificate and you extract the server certificate from the broker.

Procedure

  1. Determine the Kafka broker certificate on IBM® Event Streams for IBM Cloud Private.

    For details of the procedure, see Using IBM Event Streams as your Kafka provider.

  2. To extract the server certificate from the broker to a file, run the export command as follows. 
    export BROKER_IP=<kafka broker IP>
export BROKER_PORT=<kafka broker port>
export CERT_FILE=<path to new file>/kafka-cert.pem
openssl s_client -showcerts -connect ${BROKER_IP}:${BROKER_PORT} </dev/null 2>/dev/null|openssl x509 -outform PEM > $CERT_FILE
Parent topic: Securing communications and data