You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by "Sophie Qian (JIRA)" <ji...@apache.org> on 2018/10/22 22:28:00 UTC

[jira] [Created] (KAFKA-7530) Need to allow overwrite ssl.endpoint.identification.algorithm.config

Sophie Qian created KAFKA-7530:
----------------------------------

             Summary: Need to allow overwrite ssl.endpoint.identification.algorithm.config
                 Key: KAFKA-7530
                 URL: https://issues.apache.org/jira/browse/KAFKA-7530
             Project: Kafka
          Issue Type: Bug
          Components: clients
    Affects Versions: 2.0.0
            Reporter: Sophie Qian


We are in the process of upgrading our system to use Confluent 5.0.0 (which is using Kafka 2.0.0). I found out SslConfigs ( clients/src/main/java/org/apache/kafka/common/config/SslConfigs.java)  has following change:

 

{color:#14892c}KAFKA-3665: Enable TLS hostname verification by default (KIP-294) (#4956){color}

{color:#14892c}Make HTTPS the default ssl.endpoint.identification.algorithm.{color}

 

But  user can not overwrite ssl.endpoint.identification.alogorithm, only following values can be reconfigurable.

{color:#205081}public static final Set<String> RECONFIGURABLE_CONFIGS = Utils.mkSet(
¦ SslConfigs.SSL_KEYSTORE_TYPE_CONFIG,
¦ SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG,
¦ SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG,
¦ SslConfigs.SSL_KEY_PASSWORD_CONFIG,
¦ SslConfigs.SSL_TRUSTSTORE_TYPE_CONFIG,
¦ SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG,
¦ SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG);{color}

 

Pls make SslConfigs.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG reconfigurable. 

 

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)