kafka-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Cox <tom.sheridan....@gmail.com>
Subject Incorrect CSR Command in Latest Kafka Documentation
Date Mon, 10 Aug 2020 09:49:28 GMT

The latest docs (https://kafka.apache.org/documentation/#security_overview)
give the following command in section 7.2.1 "[t]o generate certificate
signing requests":

keytool -keystore server.keystore.jks -alias localhost -validity {validity}
-genkey -keyalg RSA -destkeystoretype pkcs12 -ext

This is clearly not the correct command given it uses the "-genkey" flag as
opposed to the "-certreq" flag.

The docs for version 2.5 (https://kafka.apache.org/25/documentation.html)
have the correct CSR generation command in section 7.2.3. It looks like
section 7 has been rewritten between these versions and the correct CSR
generation command has been removed.

Am I correct in thinking this is wrong? If so, how can I raise this as an


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message