Retrieving the IBM Event Streams truststore

You can choose IBM Event Streams as your Apache Kafka provider. The default configuration secures communications to the Kafka brokers with SSL and with authentication based on an API key.

About this task

After IBM Event Streams is installed, to configure it for IBM Business Automation Insights, you retrieve Kafka bootstrap server URLs, download the Kafka server certificate and truststore for the SSL connection, and generate the connection API key. Detailed instructions for the steps below are provided in section Securing the connection of the IBM Event Streams documentation.

Procedure

  1. From the Helm releases workload, go to the IBM Event Streams release and generate an API key.
    1. Open the IBM Event Streams management console.
    2. Click Connect to this cluster.
    3. Choose an API key name, for example kafka_bai, and click Produce, consume and create topics.
    4. Authorize all topics and groups.
    5. Click Next, and then Generate API key.
  2. Use token as the Kafka Username parameter.
  3. Use the API key that you generated in step 1 as the Kafka Password value.

    For IBM Business Automation Insights, the Operator IBM Event Streams role (or higher) is required to read and write to Kafka topics.

  4. For the Kafka Server certificate, download the PEM certificate file and convert it to base64.
    • On Linux® or MacOS
      base64
    <es-cert.pem>
    • On Windows
      certutil -encode <PEM certificat file name> <converted PEM certificat file name>
  5. Download the Java™ truststore that contains the broker certificate, which you use later to configure event emitters.

    For more information about event emitter security, see Securing communications from event emitters to Kafka.