You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by GitBox <gi...@apache.org> on 2022/07/10 06:56:08 UTC

[GitHub] [kafka] dongjinleekr commented on pull request #12340: KAFKA-14018:Support p12 with sha256

dongjinleekr commented on PR #12340:
URL: https://github.com/apache/kafka/pull/12340#issuecomment-1179669443

   @gddsop I reviewed this problem and found the following:
   
   As of present, Apache Kafka runs on Java 8 or above. Until 8, Java uses 'JKS' as a default Keystore type and after that, uses pkcs#12 (includes `.p12`) However, the supported algorithm list of [Java 8 (JKS)](https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SUNProvider) and [Java 11 (pkcs#12)](https://docs.oracle.com/en/java/javase/11/tools/keytool.html#GUID-5990A2E4-78E3-47B7-AE75-6D1826259549__GUID-5709F884-DD73-4401-A2FC-C7610922DC53) does not include SHA1 or SHA256.
   
   So, I think this feature would be much better for a custom `org.apache.kafka.common.security.auth.SecurityProviderCreator`.
   
   @showuon How do you think? I think this issue would be rather a documentaton problem.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org