In main.go, on line 38, all three configuration options must be specified in order to set the appropriate kafka ca certificate location parameter. Mutual TLS requires all three, but regular TLS (where the brokers don't authenticate the clients over TLS) does not work unless you create a bogus client certificate and keypair (that isn't used).
An easy fix would be to set those TLS options if the kafka security protocol is either ssl or sasl_ssl
In main.go, on line 38, all three configuration options must be specified in order to set the appropriate kafka ca certificate location parameter. Mutual TLS requires all three, but regular TLS (where the brokers don't authenticate the clients over TLS) does not work unless you create a bogus client certificate and keypair (that isn't used).
An easy fix would be to set those TLS options if the kafka security protocol is either ssl or sasl_ssl