kafka-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antony A <antonyaugus...@gmail.com>
Subject kafka security using ssl
Date Thu, 22 Aug 2019 03:49:05 GMT
Hi,

I have followed the steps to secure the brokers using SSL. I have signed
the server certificate using internal CA. I have the keystore with server
certificate, private key and the CA. Also the truststore has only the CA.

Unfortunately I am unable to start the broker with the following server
properties

isteners=SSL://:9092
security.inter.broker.protocol=SSL
ssl.client.auth=required

ssl.truststore.location=/tmp/kafka.server.truststore.jks
ssl.truststore.password=password
ssl.keystore.location=/tmp/kafka.server.keystore.jks
ssl.keystore.password=password
ssl.key.password=password

# ACLs
authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
super.users=User:kafkabroker


Here is the error in the logs

org.apache.kafka.common.KafkaException:
org.apache.kafka.common.config.ConfigException: Invalid value
javax.net.ssl.SSLHandshakeException: General SSLEngine problem for
configuration A client SSLEngine created with the provided settings can't
connect to a server SSLEngine created with those settings.

Any pointers on what to do?

Thanks,
Antony

PS: Kafka Version 2.3

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message