You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by "Al (Jira)" <ji...@apache.org> on 2020/03/02 12:34:00 UTC

[jira] [Commented] (KAFKA-8621) KIP-486: Support custom way to load KeyStore and TrustStore

    [ https://issues.apache.org/jira/browse/KAFKA-8621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17049171#comment-17049171 ] 

Al commented on KAFKA-8621:
---------------------------

I would very much welcome this change. Our application is deployed to the cloud as a docker image. Keystore and Truststore files are NOT part of the image. We provide the keystore and truststore (base64 encoded) as environment variables when the image is started. The env vars are then assigned (via spring) to variables in the program. As of now, we have (at startup) to write the values of these variables to files so that the Kafka infrastructure can read them in from there.

This is cumbersome. A much better solution for us would be a custom implementation of the proposed {{KeyStoreLoader}} interface which would load the keystore "from memory". I.e. no files at all would be needed.

> KIP-486: Support custom way to load KeyStore and TrustStore
> -----------------------------------------------------------
>
>                 Key: KAFKA-8621
>                 URL: https://issues.apache.org/jira/browse/KAFKA-8621
>             Project: Kafka
>          Issue Type: New Feature
>          Components: security
>            Reporter: Maulin Vasavada
>            Assignee: Thomas Zhou
>            Priority: Minor
>
> https://cwiki.apache.org/confluence/display/KAFKA/KIP-486%3A+Support+custom+way+to+load+KeyStore+and+TrustStore



--
This message was sent by Atlassian Jira
(v8.3.4#803005)