kafka-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Павел Шевцов <paulshevt...@gmail.com>
Subject SSL handshake failed Error
Date Tue, 11 Aug 2020 09:36:14 GMT

I configured Kafka to work over SSL without authorization.
I rebooted Kafka and I get a certificate on a test connection.
(openssl s_client -connect <hostname>:9093)

But when I try to connect with the producer, I get an error - "failed authentication due to:
SSL handshake failed (org.apache.kafka.clients.NetworkClient)"
I added debugs (export KAFKA_OPTS="-Djavax.net.debug=ssl") and I get a message (javax.net.ssl.SSLException:
Unrecognized SSL message, plaintext connection?)

My kafka server.properties
---------------
broker.id=10
listeners=PLAINTEXT://0.0.0.0:9092,SSL://0.0.0.0:9093
advertised.listeners=PLAINTEXT://<hostname>:9092,SSL://<hostname>:9093

<skip>

ssl.keystore.location=/etc/ssl/kafka/kafka.server.keystore.jks
ssl.keystore.password=<secret>
ssl.key.password=<secret>
ssl.truststore.location=/etc/ssl/kafka/kafka.server.truststore.jks
ssl.truststore.password=<secret>
ssl.endpoint.identification.algorithm=
<skip>
--------------------

Command to use producer
/usr/local/kafka/bin/kafka-console-producer.sh --broker-list <hostname>:9093 --topic
kafka-security-topic --producer.config /root/client-ssl/client.properties

client.properties
--------------
security.protocol=SSL
ssl.truststore.location=/root/client-ssl/kafka.client.truststore.jks
ssl.truststore.password=clientpass
------------

Kafka version - 2.13-2.6.0

Any ideas?


Mime
View raw message