Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-9570

SSL cannot be configured for Connect in standalone mode

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.0, 2.0.1, 2.1.0, 2.2.0, 2.1.1, 2.0.2, 2.3.0, 2.1.2, 2.2.1, 2.2.2, 2.4.0, 2.3.1, 2.2.3, 2.5.0, 2.3.2, 2.4.1
    • Fix Version/s: 2.6.0, 2.4.2, 2.5.1
    • Component/s: KafkaConnect
    • Labels:
      None

      Description

      When Connect is brought up in standalone, if the worker config contains any properties that begin with the listeners.https. prefix, SSL will not be enabled on the worker.

      This is because the relevant SSL configs are only defined in the distributed worker config instead of the superclass worker config. This, in conjunction with a call to AbstractConfig::valuesWithPrefixAllOrNothing, causes all configs not defined in the WorkerConfig used by the worker to be silently dropped when the worker configures its REST server if there is at least one config present with the listeners.https. prefix.

      Unfortunately, the workaround of specifying all SSL configs without the listeners.https. prefix will also fail if any passwords need to be specified. This is because the password values in the Map returned from AbstractConfig::valuesWithPrefixAllOrNothing aren't parsed as passwords, but the framework expects them to be. However, if no keystore, truststore, or key passwords need to be configured, then it should be possible to work around the issue by specifying all of those configurations without a prefix (as long as they don't conflict with any other configs in that namespace).

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                ChrisEgerton Chris Egerton
                Reporter:
                ChrisEgerton Chris Egerton
                Reviewer:
                Randall Hauch
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: