TRUSTORE_PATH
truststore
that stores CA cert that you want to trust.TRUSTORE_PASSWORD
KEYSTORE_PATH
keystore
that stores access key.KEYSTORE_PASSWORD
STORE_TYPE
pkcs12
, jceks
, and etcCA_CERT_ALIES
SIGNED_CLIENT_CERT_ALIES
BOOTSTRAP_SERVER_HOSTNAME
BOOTSTRAP_SERVER_PORT
SASL_USERNAME
SASL_PASSWORD
PLAINTEXT
KafkaTLS/SSL
PLAINTEXT
, which means that all data is sent without encryption. However, Kafka running in production needs to expose only a secure connection that encrypts communication, and you should therefore configure Zilla to use TLS/SSL encrypted communication.Kafka
cluster is secured by a TLS
server certificate that is provided by a public certificate authority, then configure Zilla
add a TLS
client binding as shown below with the trustcacerts
option to set to true
.exit
from kafka_client0
binding now changes to tls_client0
.Kafka
cluster is secured by a TLS
server certificate that is signed by a private certificate authority then you need to add a vault
config to provide access to certificates needed by the TLS
client binding.TLS/SSL
using client certificatesKafka
cluster over TLS/SSL
using client certificates.truststore.p12
- contains the trusted server certificates or certificate authoritieskeystore.p12
- contains the signed client certificatesTLS mutual authentication
require three files; a Client Key
, a Client Certificate
, and a CA Certificate
.truststore.p12
and keystore.p12
files using the three files.vault
with truststore
and keystore
, then reference the vault in the tls_client0
binding.