SSL Configuration Exception

[jenfredwell]

libc++abi.dylib: terminating with uncaught exception of type cppkafka::Exception: Failed to create producer handle: ssl.ca.location failed: No error

I have attempted use the script found at https://github.com/confluentinc/confluent-platform-security-tools and the guide at https://kafka.apache.org/documentation/#security_ssl to generate the keystore and truststore for the clients and brokers. However, cppkafka and librdkafka do not support this format and I am struggling to take what I have already generated and use with the given configuration options here.

The error message above does not really help give any insight in what I am doing wrong. My producer configuration is as follows:

  cppkafka::Configuration config =
  {
    { "metadata.broker.list", brokers_list}, 
    { "client.id", "test" },
    { "linger.ms", "30000" }, 
    { "security.protocol", "ssl" },
    { "ssl.ca.location", "ca-key" },  // key generated from script above
    { "ssl.certificate.location", "kafka.mac.pem" },  // extracted from client keystore 
    { "ssl.key.location", "kafka.mac.key" },               // extracted from client keystore
    { "ssl.key.password", "<password>" },
  };

Any help or insight would be appreciated. Thanks in advance.

[dnj12345]

{ "ssl.ca.location", "ca-key" }, // key generated from script above

Shouldn't that be a cert file in PEM format instead of the key?