Is it possible to use Kafka with SSL encryption but with no server verification nor client authentication? I know that by default the latter is disabled, but is it possible to also disable the former?
Asked
Active
Viewed 210 times
1
-
Have you tried to use an `SSL` listener rather than `SASL_SSL`? – OneCricketeer Nov 16 '20 at 23:13
-
I tried SSL only. – Dolev Lazar Nov 17 '20 at 18:50
-
Okay, that doesn't have SASL authentication, so whats the issue? – OneCricketeer Nov 17 '20 at 19:30
-
The issue is that Kafka by default demands server verification, i.e. that the client will know the server's certificate for the handshake to succeed. – Dolev Lazar Nov 17 '20 at 20:55
-
Sure, but that sounds like the job of the certificate authority, not necessarily Kafka. Any keypair is going to require some handshake protocol – OneCricketeer Nov 18 '20 at 02:07
-
but let's say I don't have certificate authority and I'm using self signed certificates, is there a way to ignore certificate verification errors? – Dolev Lazar Nov 18 '20 at 12:41
-
I'm not aware of any feature specific to Kafka for that. [That might be a JVM flag](https://stackoverflow.com/a/4663241/2308683) – OneCricketeer Nov 18 '20 at 15:02
-
I've completely forgot to thank you for all your help, @OneCricketeer! you really helped, thanks a lot! – Dolev Lazar Nov 18 '20 at 20:59