Questions about kafka bridge scram-sha-512 authentication

Dear Strimzi, I have some doubts reguarding kafka bridge. I have an external kafka listener with this configuration:

...
    authorization:
      type: simple
      superUsers:
        - bridgeuser
...
      external:
        type: loadbalancer
        configuration:
          brokerCertChainAndKey:
            secretName: kafka-external-n
            certificate: n.pem
            key: n.pem
        tls: true
        authentication:
          type: scram-sha-512
          #type: tls
        overrides:
          brokers:
          - broker: 0
            loadBalancerIP: apimichele-kafka.n.io
            advertisedHost: IP

and it’s working fine. I can produce and consume with kafka java class passing username e password into the jaas.conf (let’s encrypt certificate is working as expected, tnx to strimzi 17.0 👍 ).

Now they ask me an http bridge…

So I deployed kafka bridge and if it’s deployed trough the internal/plain listener no problem.

But when I try to connect through the external ip, this is the log I receive:

2020-05-08 14:28:06,148 WARN [Producer clientId=producer-1] Connection to node -1 (xxxx:9094) terminated during authentication. This may happen due to any of the following reasons: (1) Authentication failed due to invalid credentials with brokers older than 1.0.0, (2) Firewall blocking Kafka TLS traffic (eg it may only allow HTTPS traffic), (3) Transient network issue. (org.apache.kafka.clients.NetworkClient) [kafka-producer-network-thread | producer-1]

I think the secret is fine… this is the bridge configuration:

---
apiVersion: kafka.strimzi.io/v1alpha1
kind: KafkaBridge
metadata:
  name: kafka-external
namespace: openwhisk
spec:
  replicas: 1
  bootstrapServers: apimichele-kafka..io:9094
  http:
    port: 8080
  authentication:
    type: scram-sha-512
    username: bridgeuser
    passwordSecret:
      secretName: bridgeuser
      password: password

I include also this:

$ ko get secret bridgeuser -o yaml
apiVersion: v1
data:
  password: xxxxXXXXXXxxxx
kind: Secret
metadata:
  creationTimestamp: "2020-05-08T14:10:46Z"
  labels:
    app.kubernetes.io/instance: bridgeuser
    app.kubernetes.io/managed-by: strimzi-user-operator
    app.kubernetes.io/name: strimzi
    strimzi.io/cluster: kafka-external
    strimzi.io/kind: KafkaUser
  name: bridgeuser
  namespace: openwhisk

I tried other configuration with no luck, can you help me, or point me to the right documenation, please? p.s: I am using strimzi 17.