Details
-
Improvement
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.0.0
-
None
-
None
Description
Currently, loading of SSL keystore and truststore always uses a FileInputStream (SslFactory.SecurityStore) and cannot be changed to load keystores from other locations such as the classpath, raw byte arrays etc.
Furthermore, passwords for the key stores have to be provided as plaintext configuration properties.
Delegating the creation of an SSLContext to a customizable implementation might solve some more issues such as KAFKA-5519, KAFKA-4933, KAFKA-4294, KAFKA-2629 by enabling Kafka users to implement their own.