Configure consumer properties for Apache Kafka® toolbox

The open source Apache Kafka® code includes a series of tools under the bin directory that can be useful to manage and interact with Aiven for Apache Kafka®. Before using the tools, you need to configure a file pointing to a Java keystore and truststore which contain the required certificates for authentication.

Define the configuration file

  1. Create the Java keystore and truststore for your Aiven for Apache Kafka® service using the dedicated Aiven CLI command.

  2. Create a file pointing to the keystore and truststore with the following entries:

  • security.protocol: security protocol, SSL for the default TLS security settings

  • ssl.keystore.type: keystore type, PKCS12 for the keystore generated with the dedicated Aiven CLI command

  • ssl.keystore.location: keystore location on the file system

  • ssl.keystore.password: keystore password

  • ssl.truststore.location: truststore location on the file system

  • ssl.truststore.password: truststore password

  • ssl.key.password: keystore password


The avn service user-kafka-java-creds Aiven CLI command accepts a --password parameter setting the same password for the truststore, keystore and key

An example of the content is the following: