Spring-Kafka not picking up SSL config

Time:08-30

I am trying to connect to a Kafka broker which enforces 2-way SSL/TLS to both authenticate and authorize the client. I have created the certificate signed by the right authority and stored it in my local user directory. I am using

  • Spring-Kafka 2.8.5
  • Spring-Boot 2.6.7

My application.properties has

spring.kafka.bootstrap-server=vera-kafka-dev.lia.com:49092
spring.kafka.topic=lucija-eliza-topic
spring.kafka.security.protocol=SSL
spring.kafka.ssl.keystore.location=/c/users/sibusiso/certs/my-test-cert.jks
spring.kafka.ssl.keystore.password=mysecretpwd
spring.kafka.ssl.truststore.location=/c/users/sibusiso/certs/my-test-cert.jks
spring.kafka.ssl.truststore.password=mysecretpwd

But the ProducerConfig values are printing

acks= -1
batch.size = 16384
bootstrap.servers = [vera-kafka-dev.lia.com:49092]
buffer.memory = 33554432
...
security.protocol = PLAINTEXT
security.providers = null
ssl.enabled.protocols = [TLSv1.2, TLSv1.3]
ssl.endpoint.identification.algorithm = https
ssl.key.password = null
ssl.keysore.location = null
ssl.keystore.password = null
ssl.keystore.type = JKS
ssl.protocol = TLSv1.3
...
ssl.trustsore.location = null
ssl.truststore.password = null
ssl.truststore.type = JKS
...

So looking at this output, it looks like the application is not picking up values from the application.properties file. And obviously the connection to the broker is disconnected.

Am I missing something? TIA

CodePudding user response:

Basically I agree with Gary Russell's comment. You have to either leverage the auto-configuration abilities, or declare a KafkaProperties bean, or do everything manually.

Regarding the properties, it seems there are some discrepancies on the names. The most precise definitions of them are in /META-INF/spring-configuration-metadata.json and /META-INF/additional-spring-configuration-metadata.json in the jar files. If you check these files, most importantly the one in Spring Boot's auto-configure jar (e.g. spring-boot-autoconfigure-2.6.7.jar), you'll see that some of the properties' names in your file are not quite right:

  • spring.kafka.bootstrap-server should be spring.kafka.bootstrap-servers in plural;
  • spring.kafka.ssl.keystore.location should be spring.kafka.ssl.key-store-location; spring.kafka.ssl.keystore-location works, too, only it's deprecated.
  • Similarly, the rest of the properties' names are: spring.kafka.ssl.key-store-password, spring.kafka.ssl.trust-store-location, and spring.kafka.ssl.trust-store-password.
  • I'm not sure what spring.kfka.topic is, even with the typo corrected. You may need to double-check.

That said, apparently you got spring.kafka.bootstrap-server to work somehow, which I cannot reproduce using the same versions of the libraries, so maybe you were doing them manually? That way you'd have to do everything manually, e.g. via @Value.

Also, if you want to work with files on the file system, you need to specify the location using the file: protocol.
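
A startup guard for the failure shown in the question, where the producer silently ends up with security.protocol = PLAINTEXT and null keystore/truststore locations. This is an added example, not code from the thread or from Spring; the class name KafkaTlsGuard is hypothetical, and it assumes a ProducerFactory bean exists (auto-configured or declared manually) and that the broker requires SSL as described above:

```java
import java.io.File;
import java.util.Map;

import org.apache.kafka.clients.CommonClientConfigs;
import org.apache.kafka.common.config.SslConfigs;
import org.springframework.boot.ApplicationRunner;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.kafka.core.ProducerFactory;

// Hypothetical guard class (added example): aborts startup when the effective
// producer configuration would not use mutual TLS.
@Configuration
public class KafkaTlsGuard {

    @Bean
    ApplicationRunner verifyKafkaTls(ProducerFactory<?, ?> producerFactory) {
        return args -> {
            // The configuration the producer will really use, i.e. what ProducerConfig logs.
            Map<String, Object> cfg = producerFactory.getConfigurationProperties();

            // Kafka falls back to PLAINTEXT when security.protocol is absent.
            Object protocol = cfg.getOrDefault(
                    CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "PLAINTEXT");
            if (!"SSL".equals(String.valueOf(protocol))) {
                throw new IllegalStateException(
                        "Kafka producer security.protocol is " + protocol + ", expected SSL");
            }
            requireReadableStore(cfg, SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG);
            requireReadableStore(cfg, SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG);
        };
    }

    // A missing or unreadable store means the client cannot present or verify certificates.
    private static void requireReadableStore(Map<String, Object> cfg, String key) {
        Object location = cfg.get(key);
        if (location == null) {
            throw new IllegalStateException(
                    key + " is not set; check the spring.kafka.ssl.* property names");
        }
        if (!new File(location.toString()).canRead()) {
            throw new IllegalStateException(key + " is not a readable file: " + location);
        }
    }
}
```

The error messages deliberately omit the store passwords, so the guard can run in environments where startup logs are collected.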
