You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by "Pere Urbon-Bayes (Jira)" <ji...@apache.org> on 2019/08/29 17:11:00 UTC

[jira] [Assigned] (KAFKA-8843) Zookeeper migration tool support for TLS

     [ https://issues.apache.org/jira/browse/KAFKA-8843?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Pere Urbon-Bayes reassigned KAFKA-8843:
---------------------------------------

    Assignee: Pere Urbon-Bayes

> Zookeeper migration tool support for TLS
> ----------------------------------------
>
>                 Key: KAFKA-8843
>                 URL: https://issues.apache.org/jira/browse/KAFKA-8843
>             Project: Kafka
>          Issue Type: Bug
>            Reporter: Pere Urbon-Bayes
>            Assignee: Pere Urbon-Bayes
>            Priority: Minor
>
> Currently zookeeper-migration tool works based on SASL authentication. What means only digest and kerberos authentication is supported.
>  
> With the introduction of ZK 3.5, TLS is added, including a new X509 authentication provider. 
>  
> To support this great future and utilise the TLS principals, the zookeeper-migration-tool script should support the X509 authentication as well.
>  
> In my newbie view, this should mean adding a new parameter to allow other ways of authentication around [https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/admin/ZkSecurityMigrator.scala#L65. |https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/admin/ZkSecurityMigrator.scala#L65]
>  
> If I understand the process correct, this will require a KIP, right?
>  



--
This message was sent by Atlassian Jira
(v8.3.2#803003)