diff --git a/internal/component/kafka/auth.go b/internal/component/kafka/auth.go
index 7fbad6356..df888d3db 100644
--- a/internal/component/kafka/auth.go
+++ b/internal/component/kafka/auth.go
@@ -54,15 +54,13 @@ func updateTLSConfig(config *sarama.Config, metadata *kafkaMetadata) error {
 		config.Net.TLS.Enable = false
 		return nil
 	}
-	if !metadata.TLSSkipVerify && metadata.TLSCaCert == "" {
-		config.Net.TLS.Enable = false
-		return nil
-	}
-
-	//nolint:gosec
-	config.Net.TLS.Config = &tls.Config{InsecureSkipVerify: metadata.TLSSkipVerify, MinVersion: tls.VersionTLS12}
 	config.Net.TLS.Enable = true
 
+	if !metadata.TLSSkipVerify && metadata.TLSCaCert == "" {
+		return nil
+	}
+	//nolint:gosec
+	config.Net.TLS.Config = &tls.Config{InsecureSkipVerify: metadata.TLSSkipVerify, MinVersion: tls.VersionTLS12}
 	if metadata.TLSCaCert != "" {
 		caCertPool := x509.NewCertPool()
 		if ok := caCertPool.AppendCertsFromPEM([]byte(metadata.TLSCaCert)); !ok {