You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by "Agostino Sarubbo (Jira)" <ji...@apache.org> on 2019/12/17 12:24:00 UTC

[jira] [Created] (KAFKA-9308) Misses SAN after certificate creation

Agostino Sarubbo created KAFKA-9308:
---------------------------------------

             Summary: Misses SAN after certificate creation
                 Key: KAFKA-9308
                 URL: https://issues.apache.org/jira/browse/KAFKA-9308
             Project: Kafka
          Issue Type: Bug
          Components: documentation
    Affects Versions: 2.3.1
            Reporter: Agostino Sarubbo


Hello,

I followed the documentation to use kafka with ssl, however the entire 'procedure' loses at the end the specified SAN.

To test, run (after the first keytool command and after the latest):

keytool -list -v -keystore server.keystore.jks

Reference:
[http://kafka.apache.org/documentation.html#security_ssl]



#!/bin/bash

#Step 1

keytool -keystore server.keystore.jks -alias localhost -validity 365 -keyalg RSA -genkey

#Step 2

openssl req -new -x509 -keyout ca-key -out ca-cert -days 365
keytool -keystore server.truststore.jks -alias CARoot -import -file ca-cert
keytool -keystore client.truststore.jks -alias CARoot -import -file ca-cert


#Step 3

keytool -keystore server.keystore.jks -alias localhost -certreq -file cert-file 
 openssl x509 -req -CA ca-cert -CAkey ca-key -in cert-file -out cert-signed -days 365 -CAcreateserial -passin pass:test1234 
 keytool -keystore server.keystore.jks -alias CARoot -import -file ca-cert 
 keytool -keystore server.keystore.jks -alias localhost -import -file cert-signed



--
This message was sent by Atlassian Jira
(v8.3.4#803005)