...

Code Block
# Enables SSL for inter broker communication and for Kafka clients
inter.broker.listener.name=INTERNAL
listeners=INTERNAL://:9091,EXTERNAL://:9092
advertised.listeners=INTERNAL://:19091,EXTERNAL://kafka-1:19092
listener.security.protocol.map=INTERNAL:SSL,EXTERNAL:SSL

# SSL broker settings
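# Kafka's documentation discourages SSL as the ssl.protocol value and recommends TLSv1.2 or TLSv1.3
ssl.protocol=SSL
ssl.key.password=${ca-key password}
ssl.endpoint.identification.algorithm=HTTPS

ssl.keystore.type=jks
ssl.keystore.password=${keystore password}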
ssl.keystore.location=${path to the server.keystore.jks}

ssl.truststore.type=jks
ssl.truststore.password=${truststore password}
ssl.truststore.location=${path to the server.truststore.jks}

Each Kafka client should have its own keystore/truststore pair, which should be added to the client configuration:

Spring Boot

Code Block
spring:
  kafka:
    ssl:
      protocol: SSL
      key-password: ${keyPassword}
      key-store-type: jks
      key-store-location: ${keystoreLocation}
      key-store-password: ${keystorePassword}
      trust-store-type: jks
      trust-store-location: ${truststoreLocation}
      trust-store-password: ${truststorePassword}

VertX

Producer/consumer settings used:

Code Block
ssl.protocol=SSL
ssl.key.password=${ca-key password}
ssl.keystore.type=jks
ssl.keystore.password=${keystore password}
ssl.keystore.location=${path to the client.keystore.jks}
ssl.truststore.type=jks
ssl.truststore.password=${truststorePassword}
ssl.truststore.location=${path to the client.truststore.jks}
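
An added example, not part of the original page or of Kafka: a small Python check that reads a broker or client properties file like the ones above and reports cleartext listeners, a legacy `ssl.protocol` name, disabled hostname verification and placeholders left unsubstituted. The function names `parse_properties` and `audit` and the sample input are constructed for illustration.

```python
import re

# Legacy protocol names; Kafka's documentation recommends TLSv1.2 or TLSv1.3.
LEGACY_PROTOCOLS = {"SSL", "SSLV2", "SSLV3", "TLSV1", "TLSV1.1"}
CLEARTEXT = {"PLAINTEXT", "SASL_PLAINTEXT"}
PLACEHOLDER = re.compile(r"\$?\{[^{}]*[})]")  # ${...}, {...} or a {...) typo

# Constructed sample: broker settings with one listener downgraded, hostname
# verification switched off and a password placeholder left unsubstituted.
SAMPLE = """\
inter.broker.listener.name=INTERNAL
listeners=INTERNAL://:9091,EXTERNAL://:9092
listener.security.protocol.map=INTERNAL:PLAINTEXT,EXTERNAL:SSL
ssl.protocol=SSL
ssl.endpoint.identification.algorithm=
ssl.keystore.password={keystore password)
"""

def parse_properties(text):
    """Return {key: value} for 'key=value' or 'key: value' lines."""
    props = {}
    for line in text.splitlines():
        m = re.match(r"\s*([^#!=:\s][^=:\s]*)\s*[=:]\s*(.*?)\s*$", line)
        if m:
            props[m.group(1)] = m.group(2)
    return props

def audit(text):
    """Return findings for a Kafka broker or client SSL configuration."""
    p, findings = parse_properties(text), []
    listener_map = {}
    for entry in p.get("listener.security.protocol.map", "").split(","):
        name, sep, proto = entry.partition(":")
        if sep:
            listener_map[name.strip()] = proto.strip().upper()
    findings += [f"listener {n} is mapped to {pr}" for n, pr in listener_map.items() if pr in CLEARTEXT]
    inter = p.get("inter.broker.listener.name")
    if inter and listener_map and inter not in listener_map:
        findings.append(f"inter.broker.listener.name {inter} has no protocol mapping")
    if p.get("ssl.protocol", "").upper() in LEGACY_PROTOCOLS:
        findings.append(f"ssl.protocol={p['ssl.protocol']} is a legacy protocol name")
    if p.get("ssl.endpoint.identification.algorithm") == "":
        findings.append("hostname verification is disabled")
    findings += [f"{k} still contains a placeholder" for k, v in p.items() if PLACEHOLDER.search(v)]
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Run against a deployed `server.properties` or client properties file, an empty result means none of these four conditions was found; it does not validate the certificates themselves.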



ACL

Enabling ACL

...