![]() ![]() #=PLAINTEXT:PLAINTEXT,SSL:SSL,SASL_PLAINTEXT:SASL_PLAINTEXT,SASL_SSL:SASL_SSL See the config documentation for more details # Maps listener names to security protocols, the default is for them to be the same. # it uses the value for "listeners" if configured. # Hostname and port the broker will advertise to producers and consumers. Listeners=PLAINTEXT://localhost:9092, SSL://localhost:9192 # listeners = listener_name://host_name:port # The address the socket server listens on. This must be set to a unique integer for each broker. ERROR Connection to node 0 (localhost/127.0.0.1:9192) failed authentication due to: SSL handshake failed (.NetworkClient) The problem is that when I start kafka, then I get this error: INFO started () Listeners=PLAINTEXT://localhost:9092, SSL://localhost:9192 =required =/home/xrobot/kafka_2.12-2.1.0/certificate/ =blablabla =blablabla =/home/xrobot/kafka_2.12-2.1.0/certificate/ =blablabla =SSL Keytool -keystore -alias CARoot -import -file ca-cert keytool -keystore -alias CARoot -import -file ca-certĪdd these line in the configuration server.properties: Import CA to client truststore and broker/server truststore: Keytool -keystore -alias localhost -import -file cert-signed Keytool -keystore -alias CARoot -import -file ca-cert Import both the certificate of the CA and the signed certificate into the keystore: Openssl x509 -req -CA ca-cert -CAkey ca-key -in cert-file -out cert-signed -days Keytool -keystore -alias localhost -certreq -file cert-file Sign all brokers certificates with the generated CAĮxport the certificate from the keystore: Openssl req -new -x509 -keyout ca-key -out ca-cert -days 365 A CA is responsible for signing certificates. The generated CA is a public-private key pair and certificate used to sign other certificates. Keytool -keystore -alias localhost -validity 365 -genkey Generate certificate for each broker kafka:.Deactivate and activate the database agent.I have to add encryption and authentication with SSL in kafka.Edit the Agent Status properties of the new database agent to change the new DB agent's "SSL Connection" to "Mandatory" and "Enforce SSL Version" to "TLSv1.2".Create a new SQL Server agent with the wizard. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |