SSL Encryption For Kafka Pipelines

For enabling SSL encryption (only) for Kafka pipelines, we created the pipeline like below:

CREATE PIPELINE `kafka_ssl`
AS LOAD DATA KAFKA '<kafka-host>:<kafka-port>/test'
CONFIG '{"security.protocol": "ssl"
"ssl.ca.location": "<path-to-the-ca-certificate>"}''
INTO table <t>;

from https://docs.memsql.com/v7.0/concepts/pipelines/kafka-kerberos-ssl/

Please note that we’re not looking for Client authentication (mutual TLS connection). This requires us to manually copy the CA Cert into memsql nodes and provide that path. This works fine for standalone Kafka cluster.

What is the recommended approach if we’re using AWS MSK?

Following documentation points to the client configuration for SSL encryption for MSK clients. They use client truststore location as a property which is not an identified property for memsql pipeline config json

https://docs.aws.amazon.com/msk/latest/developerguide/msk-encryption.html
https://docs.aws.amazon.com/msk/latest/developerguide/msk-authentication.html