-
Notifications
You must be signed in to change notification settings - Fork 484
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TLS with PKCS12 keystore - getting client SSL authentication might be required #384
Comments
hi @Constantin07 |
Yes, librdkafka 1.8.2 supports OpenSSL 1.0.2 and 1.1.
librdkafka 2.0 also supports OpenSSL 3.0.
Enable security debugging to see which OpenSSL version is being used:
kcat …. -d security
tis 14 feb. 2023 kl. 10:05 skrev Aldan Basil Brito ***@***.***
…:
hi @Constantin07 <https://github.com/Constantin07>
Its not just with the PKCS12 format, even the jks or pem format
certifcates result in the same.
kafka-console-producers and consumers work fine.
hi @edenhill <https://github.com/edenhill>, does kcat utility support
openssl 1.1.1-any with librdkafka 1.8.2 which uses Tls1.3 protocol
—
Reply to this email directly, view it on GitHub
<#384 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAEAFPQPOQXTFIK4IVB2UY3WXNDHBANCNFSM52J436NQ>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm trying to connect to AWS MSK cluster, configured with mTLS but getting this error:
Kcat config file:
With the same PKCS12 keystore and password in the
kafka.admin.properties
file:the Kafka tools work just fine:
Alpine (Docker container): 3.15.4
OpenSSL version: OpenSSL 1.1.1p
Kcat version:
NB: In the PKCS12 keystore I've got:
I'm wondering if
kcat
does support the PKCS12 formatted keystores ?The text was updated successfully, but these errors were encountered: