search

CloudKarafka / go-kafka-example

MIT License
14 stars 11 forks source link

SSH CA file is required #3

Open gwuah opened 3 years ago

gwuah commented 3 years ago

In case anyone is not able to connect to cloudkarafka due to handshake issues, see this file https://www.cloudkarafka.com/docs/faq.html

sumeshkanayi commented 3 years ago

hi @gwuah , I am hit with SSL handshake error ,

[thrd:sasl_ssl://rocket-02.srvs.cloudkafka.com:9094/bootstrap]: sasl_ssl://rocket-02.srvs.cloudkafka.com:9094/bootstrap: SSL handshake failed: Disconnected: connecting to a PLAINTEXT broker listener? (after 85ms in state CONNECT, 1 identical error(s) suppressed)

my Config is below and /etc/ssl/certs/karafka.pem has CA certificate downloaded .Any clue how i can resolve this?

config := &kafka.ConfigMap{ "metadata.broker.list": os.Getenv("CLOUDKARAFKA_BROKERS"), "security.protocol": "SASL_SSL", "sasl.mechanisms": "SCRAM-SHA-256", "sasl.username": os.Getenv("CLOUDKARAFKA_USERNAME"), "sasl.password": os.Getenv("CLOUDKARAFKA_PASSWORD"), "group.id": os.Getenv("CLOUDKARAFKA_GROUPID"), "default.topic.config": kafka.ConfigMap{"auto.offset.reset": "earliest"}, "ssl.ca.location": "/etc/ssl/certs/karafka.pem",

    //"debug":                           "generic,broker,security",
}
gwuah commented 3 years ago

940DEC9E-5E2E-42C3-A48D-EBB8B22BBC1D

@sumeshkanayi Have you tried this? 👆🏾

so your config ends up looking like this.

func getProducerConfig(config *core.Config) *kafka.ConfigMap {
    return &kafka.ConfigMap{
            "metadata.broker.list": config.CLOUDKARAFKA_BROKERS,
            "security.protocol":    "SASL_SSL",
            "sasl.mechanisms":      "SCRAM-SHA-256",
            "sasl.username":        config.CLOUDKARAFKA_USERNAME,
            "sasl.password":        config.CLOUDKARAFKA_PASSWORD,
            "ssl.ca.location":      "./cloudkarafka.ca",
        }
}

func getConsumerConfig(config *core.Config) *kafka.ConfigMap {
        return &kafka.ConfigMap{
            "metadata.broker.list": config.CLOUDKARAFKA_BROKERS,
            "security.protocol":    "SASL_SSL",
            "sasl.mechanisms":      "SCRAM-SHA-256",
            "sasl.username":        config.CLOUDKARAFKA_USERNAME,
            "sasl.password":        config.CLOUDKARAFKA_PASSWORD,
            "group.id":             config.KAFKA_GROUP_ID,
            "default.topic.config": kafka.ConfigMap{"auto.offset.reset": "earliest"},
            "auto.offset.reset":    "earliest",
            "ssl.ca.location":      "./cloudkarafka.ca",
        }
}

NB: The first file is outdated. So you have to download the second one cloudkarafka_2020_12.ca

sumeshkanayi commented 3 years ago

Thanks @gwuah i tried that after seeing your comments but didnt make any difference .Trying upgrading open ssl now, can you tell me what openssl version are you using in your setup?