Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-12534

kafka-configs does not work with ssl enabled kafka broker.

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Critical
    • Resolution: Unresolved
    • 2.6.1
    • None
    • None
    • None

    Description

      We are trying to change the trust store password on the fly using the kafka-configs script for a ssl enabled kafka broker.

      Below is the command used:

      kafka-configs.sh --bootstrap-server localhost:9092 --entity-type brokers --entity-name 1001 --alter --add-config 'ssl.truststore.password=xxx'

      But we see below error in the broker logs when the command is run.

      {"type":"log", "host":"kf-2-0", "level":"INFO", "neid":"kafka-cfd5ccf2af7f47868e83473408", "system":"kafka", "time":"2021-03-23T12:14:40.055", "timezone":"UTC", "log":{"message":"data-plane-kafka-network-thread-1002-ListenerName(SSL)-SSL-2 - org.apache.kafka.common.network.Selector - [SocketServer brokerId=1002] Failed authentication with /127.0.0.1 (SSL handshake failed)"}}

       How can anyone configure ssl certs for the kafka-configs script and succeed with the ssl handshake in this case ? 

      Note : 

      We are trying with a single listener i.e SSL: 

      Attachments

        Activity

          People

            Unassigned Unassigned
            kaushik srinivas kaushik srinivas
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: