-
Wrong again, there is no return code 0 on self signed certs
Morning, It looks like i was wrong again with the SSL generation script. Here is the second article Code 0 is not good after all and it signals that Kafka broker is closing the connection really fast. So: There is no 0 on self signed certs Please make sure that you have a certificate in…
-
Correct SSL script for Kafka deployment
Hi, I wrote some time ago a post about certificate generation in order to secure Kafka cluster. Long story short, it was wrong! Here is the correct version that returns O (keystore is correctly generated and used) #!/bin/bash HOST= PASSWORD= KEYSTOREPASS= VALIDITY=365 keytool -keystore kafka.server.temp.keystore.jks -alias $HOST -validity $VALIDITY -genkey -dname “CN=${HOST}, OU=Myteam, O=Mycompany, L=Bucharest…
-
Kafka problem that wasn’t a problem after all
Hi, Do not make my mistake from the last couple of weeks trying to connect to a “secured” kafka cluster using TLS. I wrote following article http://log-it.tech/2017/07/27/configure-kafka-truststore-keystore-using-puppet/ some time ago, and i know that it’s far from bullet proof but it does the job. Now let’s get to the subject, if you want to connect…
-
Fixing the keystore/trustore distribution code
Hi, There is an extra thing to be added to my article http://log-it.tech/2017/07/27/configure-kafka-truststore-keystore-using-puppet/ As is the code copies the files at each puppet run to the other nodes which not contain the keystore generation code. And to fix this i used yet again another puppet module that should share data between the nodes, you can…