Kafka开启SSL后消费者启动失败

1：使用 openssl s_client -debug -connect localhost:9093 -tls1 验证成功；可以打印出对应信息。

2：修改客户端配置文件：

ssl.enabled.protocols=TLSv1.2,TLSv1.1,TLSv1
security.protocol=SSL
ssl.truststore.type=JKS
ssl.truststore.location=/usr/ca/trust/server.truststore.jks
ssl.truststore.password=test1234
ssl.keystore.type=JKS
ssl.keystore.location=/usr/ca/server/server.keystore.jks
ssl.keystore.password=test1234
ssl.key.password=test1234

3：kafka-console-consumer.sh --bootstrap-server localhost:9093 --topic test --consumer.config /home/kafka_2.11-1.0.0/config/consumer.properties

执行上述消费者命令，报一下信息：

[2021-07-30 17:39:38,863] ERROR [Consumer clientId=consumer-1, groupId=console-consumer-99435] Connection to node -1 failed authentication due to: SSL handshake failed (org.apache.kafka.clients.NetworkClient)
[2021-07-30 17:39:38,865] ERROR Authentication failed: terminating consumer process (kafka.tools.ConsoleConsumer$)
org.apache.kafka.common.errors.SslAuthenticationException: SSL handshake failed
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
Caused by: java.security.cert.CertPathValidatorException: signature check failed
Caused by: java.security.SignatureException: Signature does not match.
                            
我按照指南正确配置了，可以生产消费，配置如下
security.protocol=SSL
ssl.keystore.location=/usr/ca/server/server.keystore.jks
ssl.keystore.password=test1234
ssl.key.password=test1234
ssl.truststore.location=/usr/ca/trust/server.truststore.jks
ssl.truststore.password=test1234
我有两个问题：
1：生成的client.truststore.jks和client.keystore.jks一直没有用到，这个是需要配合SASL/SCRAM使用的吗？
2：每次消费者关闭后，都会提示以下WARN信息，这个有影响吗？
WARN Failed to send SSL Close message  (org.apache.kafka.common.network.SslTransportLayer)