You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@kafka.apache.org by Atulya Bhimarasetty <at...@gmail.com> on 2017/03/10 17:01:59 UTC
Kafka Support For .P12 or .PFX Certificates
Hello,
We use Kafka in our enterprise and there is a push to secure the existing
clusters via SSL. The documentation mentions generating a certificate and
signing it. But our security team has already given us the certificates.
Does Kafka support P12 or PFX certificates ?
Thank you,
Atulya
Re: Kafka Support For .P12 or .PFX Certificates
Posted by Harsh J <ha...@cloudera.com>.
A p12/pfx (PKCS-12) is a file format that carries certificates (keys).
Kafka accepts a jks (Java Key Store) format instead. You can port your
p12/pfx file-stored certificates into a jks file format using the
$JAVA_HOME/bin/keytool command, for use with Kafka and other Java
applications that work with a jks format. You do not need to ask your
security teams to do this, as you can do it yourself once you have any form
of issued certificate in some format.
A web search should get you a few guides on how you can use the keytool
utility to achieve this with your existing p12/pfx files:
https://www.google.com/search?q=p12+to+jks
On Sat, 11 Mar 2017 at 00:12 Atulya Bhimarasetty <at...@gmail.com> wrote:
> Hello,
> We use Kafka in our enterprise and there is a push to secure the existing
> clusters via SSL. The documentation mentions generating a certificate and
> signing it. But our security team has already given us the certificates.
> Does Kafka support P12 or PFX certificates ?
>
> Thank you,
> Atulya
>