confluent-kafka-python

handshake failed with brokers, broker certificate could not be verified

Open PowerChuck opened this issue 9 months ago • 0 comments

We are using AWS MSK with mTLS enabled. Any connection from a producer or consumer to the Kafka cluster will have to authenticate via certificates. In my case, I am setting up a consumer application, but I meet this error while establishing a connection to the brokers:

```
%3|1741317569.751|FAIL|rdkafka#consumer-1| [thrd:ssl://b-3.prodconsum]: ssl://b-3.prodconsum.kafka.amazonaws.com:9094/bootstrap: SSL handshake failed: error:0A000086:SSL routines::certificate verify failed: broker certificate could not be verified, verify that ssl.ca.location is correctly configured or root CA certificates are installed (add broker's CA certificate to the Windows Root certificate store) (after 253ms in state SSL_HANDSHAKE)
```

This is my config:

```python
conf = {
    "bootstrap.servers": "b-3.prodconsum.kafka.amazonaws.com:9094",
    "group.id": "internal-use.kafka.sa.dh",
    "auto.offset.reset": "latest",
    "security.protocol": "SSL",
    "ssl.ca.location": "certificate.pem",
    "ssl.key.location": "private-key.pem",
    "ssl.certificate.location": "client_cert.pem"
}
```

However, the CA itself seems OK to verify the brokers.

PowerChuck, Mar 07 '25 03:03
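
A preflight check for the three file properties in the config above, added here as an example and not taken from the issue or from confluent-kafka-python. `preflight`, `pem_labels` and `demo` are hypothetical names and the PEM bodies are constructed placeholders; it checks only that each file exists and holds the right PEM block type, not that the CA actually signed the broker certificate.

```python
import os
import re
import tempfile

PEM_LABEL = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----")
# PEM block type each SSL file property in the issue's config has to contain.
EXPECTED = {"ssl.ca.location": "CERTIFICATE",
            "ssl.certificate.location": "CERTIFICATE",
            "ssl.key.location": "PRIVATE KEY"}

def pem_labels(path):
    """Return the PEM block labels found in a file, in order."""
    with open(path, "r", errors="replace") as fh:
        return PEM_LABEL.findall(fh.read())

def preflight(conf, base_dir=None):
    """Return (property, problem) findings for the SSL file settings."""
    base_dir = base_dir or os.getcwd()  # relative paths resolve against the CWD
    findings = []
    for prop, want in EXPECTED.items():
        value = conf.get(prop)
        if not value:
            findings.append((prop, "not set"))
            continue
        path = value if os.path.isabs(value) else os.path.join(base_dir, value)
        if not os.path.isfile(path):
            findings.append((prop, f"no file at {path}"))
            continue
        labels = pem_labels(path)
        if not any(lab.endswith(want) for lab in labels):
            findings.append((prop, f"no {want} block (found {labels or 'no PEM data'})"))
        if prop == "ssl.ca.location" and any("PRIVATE KEY" in lab for lab in labels):
            findings.append((prop, "holds a private key; a CA file should hold only certificates"))
    return findings

def demo():
    """Constructed sample: the CA file holds a key and client_cert.pem is absent."""
    conf = {"ssl.ca.location": "certificate.pem",
            "ssl.key.location": "private-key.pem",
            "ssl.certificate.location": "client_cert.pem"}
    key = "-----BEGIN PRIVATE KEY-----\nAAAA\n-----END PRIVATE KEY-----\n"
    with tempfile.TemporaryDirectory() as d:
        for name in ("certificate.pem", "private-key.pem"):
            with open(os.path.join(d, name), "w") as fh:
                fh.write(key)
        return preflight(conf, base_dir=d)

if __name__ == "__main__":
    for prop, problem in demo():
        print(f"{prop}: {problem}")
```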