I am trying to connect to Kafka broker which enforce both 2 way SSL/TLS to authenticate and authorize the client. I have created the certificate sign by right authority and stored in my local user directory. I am using
- Spring-Kafka 2.8.5
- Spring-Boot 2.6.7
My application.properties
has
spring.kafka.bootstrap-server=vera-kafka-dev.lia.com:49092
spring.kafka.topic=lucija-eliza-topic
spring.kafka.security.protocol=SSL
spring.kafka.ssl.keystore.location=/c/users/sibusiso/certs/my-test-cert.jks
spring.kafka.ssl.keystore.password=mysecretpwd
spring.kafka.ssl.truststore.location=/c/users/sibusiso/certs/my-test-cert.jks
spring.kafka.ssl.truststore.password=mysecretpwd
But ProducerConfig values is printing
acks= -1
batch.size = 16384
bootstrap.servers = [vera-kafka-dev.lia.com:49092]
buffer.memory = 33554432
...
security.protocol = PLAINTEXT
security.providers = null
ssl.enabled.protocols = [TLSv1.2, TLSv1.3]
ssl.endpoint.identification.algorithm = https
ssl.key.password = null
ssl.keysore.location = null
ssl.keystore.password = null
ssl.keystore.type = JKS
ssl.protocol = TLSv1.3
...
ssl.trustsore.location = null
ssl.truststore.password = null
ssl.truststore.type = JKS
...
So looking at this output it looks like application is not picking up values from application.properties file. And obviously connection to broker is disconnected.
Am I missing something? TIA
CodePudding user response:
Basically I agree with Garry Russell's comment. You have to either leverage the auto-configuration abilities, or declare a KafkaProperties
bean, or do everything manually.
Regarding the properties, it seems there are some discrepancies on the names. The most precise definitions of them are in /META-INF/spring-configuration-metadata.json
and /META-INF/additional-spring-configuration-metadata.json
in the jar files. If you check these files, most importantly the one in Spring Boot's auto-configure jar (e.g. spring-boot-autoconfigure-2.6.7.jar
), you'll see that some of the properties' names in your file are not quite right:
spring.kafka.bootstrap-server
should bespring.kafka.bootstrap-servers
in plural;spring.kafka.ssl.keystore.location
should bespring.kafka.ssl.key-store-location
;spring.kafka.ssl.keystore-location
works, too, only it's deprecated.- Similarly, the rest of the properties' names are:
spring.kafka.ssl.key-store-password
,spring.kafka.ssl.trust-store-location
, andspring.kafka.ssl.trust-store-password
. - I'm not sure what
spring.kfka.topic
even with the typo corrected. You may need to double-check.
That said, apparently you got spring.kafka.bootstrap-server
work somehow, which I cannot reproduce using the same version of libraries, so maybe you were doing them manually? That way you'd have to do everything manually, e.g. via @Value
.
Also if you want to work with files on the file system you need to specify the location using the file:
protocol.