[KAFKA-4301] Include some SSL/TLS logging to avoid need need for javax debug util every time an issue arises - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.10.2.0
Component/s: None
Labels:
None

Description

It would be handy to include certain transport layer session attributes in at least the debug level logging within Kafka. Specifically with regard to TLS/SSL communications.

Some of the things it would be helpful to see without having to enable the javax network debug utility include:

1. Negotiated cipher suite
2. Authenticated client principal

Technically item2 is covered with the authorizer logging but it would be nice to have this information available even in the absence of an authorizer implementation.

Attachments

Issue Links

links to

GitHub Pull Request #2027

Activity

People

Assignee:: Rajini Sivaram

Reporter:: Ryan P

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 13/Oct/16 17:00

Updated:: 25/Oct/16 13:22

Resolved:: 25/Oct/16 13:22