Should all brokers in the cluster use the same truststore?
No, but you could. What matters most is that all brokers have the same root certificate in their truststore. Also, the certificate each broker uses from its keystore should be signed by this root (or by an intermediate that was signed by the root).
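
The trust relationship from the answer above, as an added example that is not part of the original post: two truststores with different contents both contain `root-a`, so a certificate issued by `root-a` or by its intermediate is accepted by either broker, while one issued by another root is not. It assumes `openssl` and PEM bundles in place of Java keystores; every name and file here is constructed for the demo.

```shell
#!/usr/bin/env bash
# Added example. All names (root-a, int-a, broker1, ...) are constructed for this demo.
set -eu
work=$(mktemp -d); trap 'rm -rf "$work"' EXIT
cat > "$work/ssl.cnf" <<'EOF'
[req]
distinguished_name = dn
[dn]
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF

# make_root NAME: create a self-signed root CA (key + certificate)
make_root() {
  openssl req -config "$work/ssl.cnf" -x509 -extensions v3_ca -newkey rsa:2048 -nodes \
    -days 1 -subj "/CN=$1" -keyout "$work/$1.key" -out "$work/$1.crt" 2>/dev/null
}

# issue NAME ISSUER [ca]: certificate for NAME signed by ISSUER; "ca" makes NAME an intermediate
issue() {
  ext=""
  if [ "${3:-}" = ca ]; then ext="-extfile $work/ssl.cnf -extensions v3_ca"; fi
  openssl req -config "$work/ssl.cnf" -newkey rsa:2048 -nodes -subj "/CN=$1" \
    -keyout "$work/$1.key" -out "$work/$1.csr" 2>/dev/null
  openssl x509 -req -in "$work/$1.csr" -CA "$work/$2.crt" -CAkey "$work/$2.key" \
    -CAcreateserial -days 1 $ext -out "$work/$1.crt" 2>/dev/null
}

# check STORE CERT [CHAIN]: does a peer trusting STORE accept CERT (sent with intermediates CHAIN)?
check() {
  if openssl verify -CAfile "$1" ${3:+-untrusted "$3"} "$2" >/dev/null 2>&1
  then echo accepted; else echo rejected; fi
}

make_root root-a; make_root root-b; make_root root-x
issue int-a root-a ca      # intermediate signed by the shared root
issue broker1 root-a       # signed directly by the root
issue broker2 int-a        # signed by the intermediate
issue rogue root-b         # signed by a root that no truststore contains
cat "$work/root-a.crt" > "$work/trust1.pem"                     # broker1 truststore
cat "$work/root-x.crt" "$work/root-a.crt" > "$work/trust2.pem"  # broker2: different file, same root

echo "broker1 sees broker2 (with chain):    $(check "$work/trust1.pem" "$work/broker2.crt" "$work/int-a.crt")"
echo "broker2 sees broker1:                 $(check "$work/trust2.pem" "$work/broker1.crt")"
echo "broker1 sees rogue:                   $(check "$work/trust1.pem" "$work/rogue.crt")"
echo "broker1 sees broker2 (chain missing): $(check "$work/trust1.pem" "$work/broker2.crt")"
```

The last case shows that a broker whose certificate comes from an intermediate must present that intermediate along with its own certificate, since the peers' truststores hold only the root.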