Step 1: Generate keys and certificates for Kafka brokers
Learn how to generate keys and certificates for brokers.
Generate the key and the certificate for each machine in the cluster using the Java keytool utility. For more information see, the Generate TLS Certificates section in Manually Configuring TLS Encryption for Cloudera Manager.
Make sure that the common name (CN) matches the fully qualified domain name (FQDN) of your server. The client compares the CN with the DNS domain name to ensure that it is connecting to the correct server.