SSL in Kafka Connect?

1,367 views
Skip to first unread message

Chris Castle

unread,
Aug 11, 2016, 2:17:30 PM8/11/16
to Confluent Platform
I'm trying to setup a Kafka Connector to use SSL to connect to the brokers, but it seems to be not picking up the below configuration options.  Using Kafka 0.10.0.0 and Confluent 3.0.0 with this connector https://github.com/Eneco/kafka-connect-twitter

On startup, the config readout in the log says PLAINTEXT for security.protocol and null for the truststore and keystore locations and passwords even though I'm specifying them as below in my connect-simple-source-standalone.properties file.

security.protocol=SSL
ssl.truststore.location=/app/.truststore.jks
ssl.truststore.password=test1234
ssl.keystore.location=/app/.keystore.jks
ssl.keystore.password=test1234
ssl.key.password=test1234

Starting up the process like this:
$CONFLUENT_HOME/bin/connect-standalone confluent.properties twitter-simple-source.properties

Does Connect not yet support SSL connections to the brokers?  More details of my setup here (full properties files and log output): https://gist.github.com/crcastle/6108c429ff2c3dfb444a0b13108a3a39

Thanks.

-Chris

Warren Kiser

unread,
Aug 11, 2016, 3:07:27 PM8/11/16
to Confluent Platform
You need to add some more ssl configs. Here's a snippet from my config:

producer.security.protocol=SSL
producer.ssl.truststore.location={{truststore_location}}
producer.ssl.truststore.password=%% JKS_PASSWORD %%
producer.ssl.keystore.location={{keystore_location}}
producer.ssl.keystore.password=%% JKS_PASSWORD %%
producer.ssl.key.password=%% JKS_PASSWORD %%
consumer.security.protocol=SSL
consumer.ssl.truststore.location={{truststore_location}}
consumer.ssl.truststore.password=%% JKS_PASSWORD %%
consumer.ssl.keystore.location={{keystore_location}}
consumer.ssl.keystore.password=%% JKS_PASSWORD %%
consumer.ssl.key.password=%% JKS_PASSWORD %%

We ran into the same issue as well when setting connect up.

Chris Castle

unread,
Aug 11, 2016, 8:45:39 PM8/11/16
to Confluent Platform
Thanks a ton, Warren.  That worked.  And now I see that it's documented here as well http://docs.confluent.io/3.0.0/connect/security.html

Nagu Kothapalli

unread,
Dec 8, 2017, 5:07:09 AM12/8/17
to Confluent Platform
Thanks a lot, it worked for me

KC

unread,
Jan 23, 2019, 10:19:10 AM1/23/19
to Confluent Platform
Did you have to add to the connector config (quickstart-s3.properties) or is this a specific file you added to? (connect-distributed.properties?)
Reply all
Reply to author
Forward
0 new messages