[jira] [Updated] (KAFKA-16049) Can you please share tutorial how to run Latest Kafka (3.6.0) with SASL_SSL

Mon, 25 Dec 2023 10:41:03 -0800 


     [ 
https://issues.apache.org/jira/browse/KAFKA-16049?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Petr Kostroun updated KAFKA-16049:
----------------------------------
    Summary: Can you please share tutorial how to run Latest Kafka (3.6.0) with 
SASL_SSL  (was: Can you please share tutorial how to run Latest Kafka (3.6.0))

> Can you please share tutorial how to run Latest Kafka (3.6.0) with SASL_SSL
> ---------------------------------------------------------------------------
>
>                 Key: KAFKA-16049
>                 URL: https://issues.apache.org/jira/browse/KAFKA-16049
>             Project: Kafka
>          Issue Type: Task
>          Components: config
>    Affects Versions: 3.6.0
>            Reporter: Petr Kostroun
>            Priority: Major
>
> Can you please share tutorial how to use SASL_SSL with Kafka version 3.6.0?
>  
> I use this config for zookeeper.properties:
> authProvider.sasl=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
>  
> I use this config for zookeeper.jaas.config:
> Server {
>        org.apache.zookeeper.server.auth.DigestLoginModule required
>        user_super="adminsecret"
>        user_admin="kafka123";
> };
>  
> I use this config for server.properties:
>  
> sasl.enabled.mechanisms=SCRAM-SHA-256
> listeners=SASL_SSL://localhost:9092
> advertised.listeners=SASL_SSL://localhost:9092
> sasl.mechanism.inter.broker.protocol=SCRAM-SHA-256
> security.inter.broker.protocol=SASL_SSL
> ssl.keystore.location=C:/apps/certs/keystore.jks
> ssl.keystore.password=sepultura1
> ssl.key.password=sepultura1
> ssl.truststore.location=C:/apps/certs/truststore.jks
> ssl.truststore.password=sepultura1
> ssl.client.auth=required
> ssl.endpoint.identification.algorithm=
>  
> I use this as kafkaserver.jaas.properties:
> KafkaServer {
>    org.apache.kafka.common.security.scram.ScramLoginModule required
>    username="user"
>    password="sepultura1";
> };
> Client {
>     org.apache.zookeeper.server.auth.DigestLoginModule required
>     username="admin"
>     password="kafka123";
> };
>  
> But in server log I see error:
>  
> [2023-12-25 19:36:58,233] INFO [Controller id=0, targetBrokerId=0] Node 0 
> disconnected. (org.apache.kafka.clients.NetworkClient)
> [2023-12-25 19:36:58,244] ERROR [Controller id=0, targetBrokerId=0] 
> Connection to node 0 (localhost/127.0.0.1:9092) failed authentication due to: 
> Authentication failed during authentication due to invalid credentials with 
> SASL mechanism SCRAM-SHA-256 (org.apache.kafka.clients.NetworkClient)
>  
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to