Home > Enterprise >  Do we need Certificate for Kafka SASL_SSL?
Do we need Certificate for Kafka SASL_SSL?

Time:01-28

I am confused on SASL_SSL. Do we need SSL certificate configured for the Kafka producer application ? Or is it just the username and password ? What is the difference between SASL_SSL and SASL_PLAINTEXT ? I am sending message from a plain java application to a topic.

CodePudding user response:

SASL_SSL used TLS encryption like SSL so you will need to create a certificate, and with SASL_SSL you need to specify an authentication method.

This page should help you https://developer.confluent.io/learn-kafka/security/authentication-ssl-and-sasl-ssl/

SASL_PLAINTEXT doesn't use TLS encryption (SASL_PLAIN does and this uses the username/password authentication).

It really all depends on your security requirements. SASL_SSL is mainly used when integrating with a existing authentication server but this increases your vulnerability to attacks.

  • Related