Please format logs and configs using the </>-button to make your post more readable (configs are sensitive to indentation, without formatting it's hard to check configs being correct).
The broker is closing the connection. Have you check the kafka logs?
The SSL/TLS settings must be configured via ssl namespace, not tls. Looks like you the beat is trying plain text connection, while kafka is expecting a SSL/TLS handshake.
remove duplicates from hosts setting. As you only have one broker, remove the others. The hosts setting is required for cluster connection bootstrapping only (get metadata to find all nodes in a cluster).
From you configs it looks like you want to have client authentication. But I'm missing the CA configuration for accepting the servers certificates.
Can you try without TLS first? Then add TLS server authentication and finally enable client authentication? In general properly setting up (or worse debugging) TLS can be somewhat difficult at times, better do it step by step.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.