Agilefreaks
diff --git a/‎credentials/SSLKafkaApi.credentials.ts
+64-4 b/‎credentials/SSLKafkaApi.credentials.ts
+64-4
diff --git a/‎nodes/Kafka/SslKafka.node.ts
+45-17 b/‎nodes/Kafka/SslKafka.node.ts
+45-17
diff --git a/‎nodes/Kafka/SslKafkaTrigger.node.ts
+26-6 b/‎nodes/Kafka/SslKafkaTrigger.node.ts
+26-6
@@ -1,11 +1,11 @@
 import type { ICredentialType, INodeProperties } from 'n8n-workflow';
 
-export class Kafka implements ICredentialType {
-	name = 'kafka';
+export class SslKafkaApi implements ICredentialType {
+	name = 'sslKafkaApi';
 
-	displayName = 'Kafka';
+	displayName = 'SSL Kafka';
 
-	documentationUrl = 'kafka';
+	documentationUrl = 'https://github.com/unglobalcompact/n8n-ssl-kafka-node';
 
 	properties: INodeProperties[] = [
 		{
@@ -29,6 +29,66 @@ export class Kafka implements ICredentialType {
 			type: 'boolean',
 			default: true,
 		},
+		{
+			displayName: 'SSL CA',
+			name: 'sslCa',
+			type: 'string',
+			typeOptions: {
+				password: true,
+			},
+			displayOptions: {
+				show: {
+					ssl: [true],
+				},
+			},
+			default: '',
+			description: 'Cert chains in PEM format. One cert chain should be provided per private key. Each cert chain should consist of the PEM formatted certificate for a provided private key, followed by the PEM formatted intermediate certificates (if any), in order, and not including the root CA (the root CA must be pre-known to the peer, see ca). When providing multiple cert chains, they do not have to be in the same order as their private keys in key. If the intermediate certificates are not provided, the peer will not be able to validate the certificate, and the handshake will fail.',
+		},
+		{
+			displayName: 'SSL Cert',
+			name: 'sslCert',
+			type: 'string',
+			typeOptions: {
+				password: true,
+			},
+			displayOptions: {
+				show: {
+					ssl: [true],
+				},
+			},
+			default: '',
+			description: 'Cert chains in PEM format. One cert chain should be provided per private key. Each cert chain should consist of the PEM formatted certificate for a provided private key, followed by the PEM formatted intermediate certificates (if any), in order, and not including the root CA (the root CA must be pre-known to the peer, see ca). When providing multiple cert chains, they do not have to be in the same order as their private keys in key. If the intermediate certificates are not provided, the peer will not be able to validate the certificate, and the handshake will fail.',
+		},
+		{
+			displayName: 'SSL Key',
+			name: 'sslKey',
+			type: 'string',
+			typeOptions: {
+				password: true,
+			},
+			displayOptions: {
+				show: {
+					ssl: [true],
+				},
+			},
+			default: '',
+			description: 'Private keys in PEM format. PEM allows the option of private keys being encrypted. Encrypted keys will be decrypted with options.passphrase. Multiple keys using different algorithms can be provided either as an array of unencrypted key strings or buffers, or an array of objects in the form {pem: <string|buffer>[, passphrase: ]}. The object form can only occur in an array. object.passphrase is optional. Encrypted keys will be decrypted with object.passphrase if provided, or options.passphrase if it is not.',
+		},
+		{
+			displayName: 'SSL Key Passphrase',
+			name: 'sslPassphrase',
+			type: 'string',
+			typeOptions: {
+				password: true,
+			},
+			displayOptions: {
+				show: {
+					ssl: [true],
+				},
+			},
+			default: '',
+			description: 'Shared passphrase used for a single private key and/or a PFX.',
+		},
 		{
 			displayName: 'Authentication',
 			name: 'authentication',
 
@@ -15,8 +15,6 @@ import type {
 } from 'n8n-workflow';
 import { ApplicationError, NodeConnectionType, NodeOperationError } from 'n8n-workflow';
 
-import { generatePairedItemData } from '../../utils/utilities';
-
 export class SslKafka implements INodeType {
 	description: INodeTypeDescription = {
 		displayName: 'SSL Kafka',
@@ -26,13 +24,13 @@ export class SslKafka implements INodeType {
 		version: 1,
 		description: 'Sends messages to a Kafka topic',
 		defaults: {
-			name: 'Kafka',
+			name: 'SSL Kafka',
 		},
 		inputs: [NodeConnectionType.Main],
 		outputs: [NodeConnectionType.Main],
 		credentials: [
 			{
-				name: 'kafka',
+				name: 'sslKafkaApi',
 				required: true,
 				testedBy: 'kafkaConnectionTest',
 			},
@@ -222,16 +220,33 @@ export class SslKafka implements INodeType {
 
 					const ssl = credentials.ssl as boolean;
 
+					let useSslConnectionOptions = false as boolean;
+					let sslConnectionOptions: ConnectionOptions = {}
+
+					if (ssl === true && (credentials.sslCa !== '' || credentials.sslCert !== ''  || credentials.sslKey !== '')) {
+						useSslConnectionOptions = true;
+						if (credentials.sslCa !== '') {
+							sslConnectionOptions.ca = [credentials.sslCa] as string[];
+						}
+						if (credentials.sslCert !== '') {
+							sslConnectionOptions.cert = credentials.sslCert as string;
+						}
+						if (credentials.sslKey !== '') {
+							sslConnectionOptions.key = credentials.sslKey as string;
+						}
+						if (credentials.sslPassphrase !== '') {
+							sslConnectionOptions.passphrase = credentials.sslPassphrase as string;
+						}
+					};
+
 					const config: KafkaConfig = {
 						clientId,
 						brokers,
-						ssl,
+						ssl: useSslConnectionOptions ? sslConnectionOptions : ssl,
 					};
 					if (credentials.authentication === true) {
 						if (!(credentials.username && credentials.password)) {
-							throw new ApplicationError('Username and password are required for authentication', {
-								level: 'warning',
-							});
+							throw new ApplicationError('Username and password are required for authentication');
 						}
 						config.sasl = {
 							username: credentials.username as string,
@@ -260,7 +275,6 @@ export class SslKafka implements INodeType {
 
 	async execute(this: IExecuteFunctions): Promise<INodeExecutionData[][]> {
 		const items = this.getInputData();
-		const itemData = generatePairedItemData(items.length);
 
 		const length = items.length;
 
@@ -292,10 +306,29 @@ export class SslKafka implements INodeType {
 
 			const ssl = credentials.ssl as boolean;
 
+			let useSslConnectionOptions = false as boolean;
+			let sslConnectionOptions: ConnectionOptions = {}
+
+			if (ssl === true && (credentials.sslCa !== '' || credentials.sslCert !== ''  || credentials.sslKey !== '')) {
+				useSslConnectionOptions = true;
+				if (credentials.sslCa !== '') {
+					sslConnectionOptions.ca = [credentials.sslCa] as string[];
+				}
+				if (credentials.sslCert !== '') {
+					sslConnectionOptions.cert = credentials.sslCert as string;
+				}
+				if (credentials.sslKey !== '') {
+					sslConnectionOptions.key = credentials.sslKey as string;
+				}
+				if (credentials.sslPassphrase !== '') {
+					sslConnectionOptions.passphrase = credentials.sslPassphrase as string;
+				}
+			};
+
 			const config: KafkaConfig = {
 				clientId,
 				brokers,
-				ssl,
+				ssl: useSslConnectionOptions ? sslConnectionOptions : ssl,
 			};
 
 			if (credentials.authentication === true) {
@@ -400,15 +433,10 @@ export class SslKafka implements INodeType {
 
 			await producer.disconnect();
 
-			const executionData = this.helpers.constructExecutionMetaData(
-				this.helpers.returnJsonArray(responseData),
-				{ itemData },
-			);
-
-			return [executionData];
+			return [this.helpers.returnJsonArray(responseData)];
 		} catch (error) {
 			if (this.continueOnFail()) {
-				return [[{ json: { error: error.message }, pairedItem: itemData }]];
+				return [this.helpers.returnJsonArray({ error: error.message })];
 			} else {
 				throw error;
 			}
 
@@ -1,6 +1,7 @@
 import { SchemaRegistry } from '@kafkajs/confluent-schema-registry';
 import type { KafkaConfig, SASLOptions } from 'kafkajs';
 import { Kafka as apacheKafka, logLevel } from 'kafkajs';
+import { ConnectionOptions } from 'tls';
 import type {
 	ITriggerFunctions,
 	IDataObject,
@@ -11,10 +12,10 @@ import type {
 } from 'n8n-workflow';
 import { NodeConnectionType, NodeOperationError } from 'n8n-workflow';
 
-export class KafkaTrigger implements INodeType {
+export class SslKafkaTrigger implements INodeType {
 	description: INodeTypeDescription = {
-		displayName: 'Kafka Trigger',
-		name: 'kafkaTrigger',
+		displayName: 'SSL Kafka Trigger',
+		name: 'sslKafkaTrigger',
 		icon: { light: 'file:kafka.svg', dark: 'file:kafka.dark.svg' },
 		group: ['trigger'],
 		version: [1, 1.1],
@@ -26,7 +27,7 @@ export class KafkaTrigger implements INodeType {
 		outputs: [NodeConnectionType.Main],
 		credentials: [
 			{
-				name: 'kafka',
+				name: 'sslKafkaApi',
 				required: true,
 			},
 		],
@@ -181,7 +182,7 @@ export class KafkaTrigger implements INodeType {
 
 		const groupId = this.getNodeParameter('groupId') as string;
 
-		const credentials = await this.getCredentials('kafka');
+		const credentials = await this.getCredentials('sslKafkaApi');
 
 		const brokers = ((credentials.brokers as string) || '').split(',').map((item) => item.trim());
 
@@ -193,10 +194,29 @@ export class KafkaTrigger implements INodeType {
 
 		options.nodeVersion = this.getNode().typeVersion;
 
+		let useSslConnectionOptions = false as boolean;
+		let sslConnectionOptions: ConnectionOptions = {}
+
+		if (ssl === true && (credentials.sslCa !== '' || credentials.sslCert !== ''  || credentials.sslKey !== '')) {
+			useSslConnectionOptions = true;
+			if (credentials.sslCa !== '') {
+				sslConnectionOptions.ca = [credentials.sslCa] as string[];
+			}
+			if (credentials.sslCert !== '') {
+				sslConnectionOptions.cert = credentials.sslCert as string;
+			}
+			if (credentials.sslKey !== '') {
+				sslConnectionOptions.key = credentials.sslKey as string;
+			}
+			if (credentials.sslPassphrase !== '') {
+				sslConnectionOptions.passphrase = credentials.sslPassphrase as string;
+			}
+		};
+
 		const config: KafkaConfig = {
 			clientId,
 			brokers,
-			ssl,
+			ssl: useSslConnectionOptions ? sslConnectionOptions : ssl,
 			logLevel: logLevel.ERROR,
 		};