Fix "SSL Handshake failed" issue

- Add security.protocol as quarkus runtime options and allow replaying
  the option as runtime init
- Enable enableAllSecurityServices when building the native image for
  the integration test

extensions/kafka-streams/runtime/src/main/java/io/quarkus/kafka/streams/runtime/KafkaStreamsRuntimeConfig.java

@@ -56,6 +56,13 @@ public class KafkaStreamsRuntimeConfig {
     @ConfigItem
     public Optional<String> schemaRegistryUrl;
 
+    /**
+     * The security protocol to use
+     * See https://docs.confluent.io/current/streams/developer-guide/security.html#security-example
+     */
+    @ConfigItem(name = "security.protocol")
+    public Optional<String> securityProtocol;
+
     /**
      * The SASL JAAS config.
      */

extensions/kafka-streams/runtime/src/main/java/io/quarkus/kafka/streams/runtime/KafkaStreamsTopologyManager.java

@@ -25,6 +25,7 @@
 import javax.inject.Inject;
 import javax.inject.Singleton;
 
+import org.apache.kafka.clients.CommonClientConfigs;
 import org.apache.kafka.clients.admin.AdminClient;
 import org.apache.kafka.clients.admin.AdminClientConfig;
 import org.apache.kafka.clients.admin.ListTopicsResult;
@@ -113,6 +114,9 @@ private static Properties getStreamsProperties(Properties properties, String boo
             streamsProperties.put(runtimeConfig.schemaRegistryKey, runtimeConfig.schemaRegistryUrl.get());
         }
 
+        // set the security protocol (in case we are doing PLAIN_TEXT)
+        setProperty(runtimeConfig.securityProtocol, streamsProperties, CommonClientConfigs.SECURITY_PROTOCOL_CONFIG);
+
         // sasl
         SaslConfig sc = runtimeConfig.sasl;
         if (sc != null) {

integration-tests/kafka-streams/pom.xml

@@ -135,6 +135,7 @@
                                     <cleanupServer>true</cleanupServer>
                                     <enableHttpUrlHandler>true</enableHttpUrlHandler>
                                     <graalvmHome>${graalvmHome}</graalvmHome>
+                                    <enableAllSecurityServices>true</enableAllSecurityServices>
                                 </configuration>
                             </execution>
                         </executions>