You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@kafka.apache.org by jack yang <ja...@is-land.com.tw> on 2018/09/12 02:59:43 UTC
How to setting https to the Kafka connector worker
Hi:
I am using the Kafka connector version is 2.0.0 and below is setting the
Kafka connector worker for https protocol.
1. Create the SSL key
keytool -keystore kafka.server.keystore.jks -alias localhost -validity 365
-genkey
openssl req -new -x509 -keyout ca-key -out ca-cert -days 365
keytool -keystore kafka.client.truststore.jks -alias CARoot -import -file
ca-cert
keytool -keystore kafka.server.truststore.jks -alias CARoot -import -file
ca-cert
keytool -keystore kafka.server.keystore.jks -alias localhost -certreq -file
cert-file
openssl x509 -req -CA ca-cert -CAkey ca-key -in cert-file -out cert-signed
-days 365 -CAcreateserial -passin pass:123456
keytool -keystore kafka.server.keystore.jks -alias CARoot -import -file
ca-cert
keytool -keystore kafka.server.keystore.jks -alias localhost -import -file
cert-signed
2. setting the connect-distributed.properties file
listeners=https://10.1.3.234:8443
rest.advertised.listener=https
rest.advertised.host.name=10.1.3.234
rest.advertised.host.port=8443
listeners.https.ssl.client.auth=requested
listeners.https.ssl.truststore.location=/ssl/kafka.server.truststore.jks
listeners.https.ssl.truststore.password=123456
listeners.https.ssl.keystore.location=/ssl/kafka.server.keystore.jks
listeners.https.ssl.keystore.password=123456
listeners.https.ssl.key.password=123456
3. start the worker command
$ ./connect-distributed.sh ../conf/connect-distributed.properties
I am using the chrome browser to input the
https://10.1.3.234:8443/connectors URL. Receive the
ERR_SSL_VERSION_OR_CIPHER_MISMATCH error in chrome browser.
I am using the curl command to input the below command:
curl -X GET https://10.1.3.234:8443/connectors
will receive the "curl: (35) Cannot communicate securely with peer: no
common encryption algorithm(s)." error
I don't know how to solve this issue.