Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
2.1.0
-
None
-
None
Description
Certificate pinning as well as authenticating kafka brokers using a non-public CA certificate maintained inside an organisation is desirable to a lot of users. This can be accomplished today using the ssl.truststore.location configuration property. Unfortunately, this value is always interpreted as a filesystem path which makes distribution of such an alternative truststore a needlessly cumbersome process. If we had the ability to load a trust store from the classpath as well as from a file, the trust store could be shipped in a jar that could be declared as a regular maven style dependency.
If we did this by supporting prefixing ssl.truststore.location with classpath: this could be a backwards compatible change, one that builds on prior design patterns established by for example the Spring project.
Attachments
Issue Links
- mentioned in
-
Page Loading...