Description
Can you please share tutorial how to use SASL_SSL with Kafka version 3.6.0?
I use this config for zookeeper.properties:
authProvider.sasl=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
I use this config for zookeeper.jaas.config:
Server
{ org.apache.zookeeper.server.auth.DigestLoginModule required user_super="adminsecret" user_admin="kafka123"; };
I use this config for server.properties:
sasl.enabled.mechanisms=SCRAM-SHA-256
listeners=SASL_SSL://localhost:9092
advertised.listeners=SASL_SSL://localhost:9092
sasl.mechanism.inter.broker.protocol=SCRAM-SHA-256
security.inter.broker.protocol=SASL_SSL
ssl.keystore.location=C:/apps/certs/keystore.jks
ssl.keystore.password=sepultura1
ssl.key.password=sepultura1
ssl.truststore.location=C:/apps/certs/truststore.jks
ssl.truststore.password=sepultura1
ssl.client.auth=required
ssl.endpoint.identification.algorithm=
I use this as kafkaserver.jaas.config:
KafkaServer
{ org.apache.kafka.common.security.scram.ScramLoginModule required username="user" password="sepultura1"; };
Client
;
But in server log I see error:
[2023-12-25 19:36:58,233] INFO [Controller id=0, targetBrokerId=0] Node 0 disconnected. (org.apache.kafka.clients.NetworkClient)
[2023-12-25 19:36:58,244] ERROR [Controller id=0, targetBrokerId=0] Connection to node 0 (localhost/127.0.0.1:9092) failed authentication due to: Authentication failed during authentication due to invalid credentials with SASL mechanism SCRAM-SHA-256 (org.apache.kafka.clients.NetworkClient)