Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-9308

Misses SAN after certificate creation

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.3.1
    • Fix Version/s: 2.6.0
    • Component/s: documentation
    • Labels:
      None

      Description

      Hello,

      I followed the documentation to use kafka with ssl, however the entire 'procedure' loses at the end the specified SAN.

      To test, run (after the first keytool command and after the latest):

       

      keytool -list -v -keystore server.keystore.jks
      

      Reference:
      http://kafka.apache.org/documentation.html#security_ssl

       

      #!/bin/bash
      #Step 1
      keytool -keystore server.keystore.jks -alias localhost -validity 365 -keyalg RSA -genkey -ext SAN=DNS:test.test.com
      #Step 2
      openssl req -new -x509 -keyout ca-key -out ca-cert -days 365
      keytool -keystore server.truststore.jks -alias CARoot -import -file ca-cert
      keytool -keystore client.truststore.jks -alias CARoot -import -file ca-cert
      #Step 3
      keytool -keystore server.keystore.jks -alias localhost -certreq -file cert-file 
      openssl x509 -req -CA ca-cert -CAkey ca-key -in cert-file -out cert-signed -days 365 -CAcreateserial -passin pass:test1234 
      keytool -keystore server.keystore.jks -alias CARoot -import -file ca-cert 
      keytool -keystore server.keystore.jks -alias localhost -import -file cert-signed
      

       

      In the detail, the SAN is losed after:

      keytool -keystore server.keystore.jks -alias localhost -import -file cert-signed
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                sliebau Sönke Liebau
                Reporter:
                ago Agostino Sarubbo
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: