You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by "Allen Wang (JIRA)" <ji...@apache.org> on 2017/12/08 01:09:00 UTC

[jira] [Created] (KAFKA-6329) Load trust store as a resource

Allen Wang created KAFKA-6329:
---------------------------------

             Summary: Load trust store as a resource
                 Key: KAFKA-6329
                 URL: https://issues.apache.org/jira/browse/KAFKA-6329
             Project: Kafka
          Issue Type: Improvement
          Components: clients
    Affects Versions: 1.0.0, 0.11.0.0, 0.10.2.0
            Reporter: Allen Wang


We would like to publish a Kafka client library with SSL enabled by default and distribute to internal applications so that they can communicate to our brokers securely. We also need to distribute a trust store with our internal CA cert. In our library/application ecosystem, this is the easiest way to enable security without adding burdens to each application to deploy a certain trust store.

However, that does not seem to be possible as Kafka client assumes that the trust store is in a local file system and uses FileInputStream which does not work with resources.

https://github.com/apache/kafka/blob/trunk/clients/src/main/java/org/apache/kafka/common/security/ssl/SslFactory.java

Here is the actual line of code:

{code:java}
in = new FileInputStream(path);
{code}

Ideally we would also like to be able to do this as another way to load trust store:

{code:java}
in = this.getClass().getResourcesAsStream(resourcePath)
{code}






--
This message was sent by Atlassian JIRA
(v6.4.14#64029)