Not able to start Kafka Broker with zookeeper when use SASL-SSL

1,509 views

Skip to first unread message

thuy nguyenthithu

unread,

Mar 29, 2018, 4:20:42 AM3/29/18

to Confluent Platform

I can not able to start kafka broker with zookeeper when use SASL-SSL. Can anyone help me?

My Zookeeper said:

ERROR cnxn.saslServer is null: snxn object did not initialize its saslServer properly. (org.apache.zookeeper.server.ZooKeeperServer)

My kafka broker was shutdown when I try to open it:

ERROR SASL authentication failed using login context 'Client' (org.apache.zookeeper.client.ZooKeeperSaslClient

My jaas config file:

KafkaServer{

org.apache.kafka.common.security.scram.ScramLoginModule required

username="vpoint"

password="vpoint-secret"

user_admin="vpoint-secret";

};

Server{

org.apache.kafka.common.security.scram.ScramLoginModule required

username="vpoint"

password="vpoint-secret"

user_admin="vpoint-secret";

};

Client{

org.apache.kafka.common.security.scram.ScramLoginModule required

username="vpoint"

password="vpoint-secret";

};

My zookeepr config file:

dataDir=/var/lib/zookeeper

clientPort=2181

maxClientCnxns=0

authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider

jaasLoginRenew=3600000

requireClientAuthScheme=sasl

My broker config file:

broker.id=0

listeners=SASL_SSL://192.168.1.18:9093

advertised.listeners=SASL_SSL://192.168.1.18:9093

num.network.threads=3

num.io.threads=8

socket.send.buffer.bytes=102400

socket.receive.buffer.bytes=102400

socket.request.max.bytes=104857600

log.dirs=/var/lib/kafka

num.partitions=1

num.recovery.threads.per.data.dir=1

offsets.topic.replication.factor=1

transaction.state.log.replication.factor=1

transaction.state.log.min.isr=1

log.retention.hours=168

log.segment.bytes=1073741824

log.retention.check.interval.ms=300000

zookeeper.connect=192.168.1.18:2181

zookeeper.connection.timeout.ms=6000

confluent.support.metrics.enable=true

group.initial.rebalance.delay.ms=0

confluent.support.customer.id=anonymous

ssl.keystore.location=server.keystore.jks

ssl.keystore.password=123456

ssl.key.password=123456

ssl.truststore.location=server.truststore.jks

ssl.truststore.password=123456

ssl.client.auth=none

ssl.enabled.protocols=TLSv1.2,TLSv1.1,TLSv1

ssl.keystore.type=JKS

ssl.truststore.type=JKS

ssl.secure.random.implementation=SHA1PRNG

sasl.enabled.mechanisms=SCRAM-SHA-512

java.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf

sasl.mechanism.inter.broker.protocol=SCRAM-SHA-512

security.inter.broker.protocol=SASL_SSL

Reply all

Reply to author

Forward

0 new messages