How to provide Kafka credentials when security protocol is SASL_SSL

Hi, I’m struggling connecting Druid 0.15 to a Kafka cluster which authenticates using security protocol SASL_SSL, ie. truststore & password plus username & password. The Druid Simple SSLContext Provider Module documentation doesn’t explain how to do this. Any/all suggestions welcome! Thanks :slight_smile:

Hi Adrian gay,

I think you can specify the above details in the Kafka consumer property of the Kafka supervisor specs :

A map of properties to be passed to the Kafka consumer. This must contain a property bootstrap.servers with a list of Kafka brokers in the form: <BROKER_1>:<PORT_1>,<BROKER_2>:<PORT_2>,…

For SSL connections, the keystore, truststore and key passwords can be provided as a Password Provider or String password.

https://druid.apache.org/docs/latest/development/extensions-core/kafka-ingestion.html

https://druid.apache.org/docs/latest/operations/password-provider.html

eg :
},
“ioConfig”: {
“topic”: “TOPIC_NAME”,
“replicas”: 1,
“taskCount”: 9,
“taskDuration”: “PT3600S”,
"consumerProperties": {
“ssl.keystore.location”: “/keystoreFile.jks”,
“ssl.key.password”: “$PassWord”,
“bootstrap.servers”: “:”,
“security.protocol”: “SSL”,
“ssl.truststore.location”: “/truststoreFile.jks”,
“ssl.keystore.password”: “PassWord”,
“ssl.truststore.password”: “PassWord”
},

Hope this helps.

Thanks and Regards,

Vaibhav

@Vaibhav

thanks, thats exactly what I needed!

Adrian

Glad to know that @Adrian !!:+1:.

Thanks and Regards,

Vaibhav

Is the KEYSTORE_PATH local path or HTTPS path?