Open gwuah opened 3 years ago
hi @gwuah , I am hit with SSL handshake error ,
[thrd:sasl_ssl://rocket-02.srvs.cloudkafka.com:9094/bootstrap]: sasl_ssl://rocket-02.srvs.cloudkafka.com:9094/bootstrap: SSL handshake failed: Disconnected: connecting to a PLAINTEXT broker listener? (after 85ms in state CONNECT, 1 identical error(s) suppressed)
my Config is below and /etc/ssl/certs/karafka.pem has CA certificate downloaded .Any clue how i can resolve this?
config := &kafka.ConfigMap{ "metadata.broker.list": os.Getenv("CLOUDKARAFKA_BROKERS"), "security.protocol": "SASL_SSL", "sasl.mechanisms": "SCRAM-SHA-256", "sasl.username": os.Getenv("CLOUDKARAFKA_USERNAME"), "sasl.password": os.Getenv("CLOUDKARAFKA_PASSWORD"), "group.id": os.Getenv("CLOUDKARAFKA_GROUPID"), "default.topic.config": kafka.ConfigMap{"auto.offset.reset": "earliest"}, "ssl.ca.location": "/etc/ssl/certs/karafka.pem",
//"debug": "generic,broker,security",
}
@sumeshkanayi Have you tried this? 👆🏾
so your config ends up looking like this.
func getProducerConfig(config *core.Config) *kafka.ConfigMap {
return &kafka.ConfigMap{
"metadata.broker.list": config.CLOUDKARAFKA_BROKERS,
"security.protocol": "SASL_SSL",
"sasl.mechanisms": "SCRAM-SHA-256",
"sasl.username": config.CLOUDKARAFKA_USERNAME,
"sasl.password": config.CLOUDKARAFKA_PASSWORD,
"ssl.ca.location": "./cloudkarafka.ca",
}
}
func getConsumerConfig(config *core.Config) *kafka.ConfigMap {
return &kafka.ConfigMap{
"metadata.broker.list": config.CLOUDKARAFKA_BROKERS,
"security.protocol": "SASL_SSL",
"sasl.mechanisms": "SCRAM-SHA-256",
"sasl.username": config.CLOUDKARAFKA_USERNAME,
"sasl.password": config.CLOUDKARAFKA_PASSWORD,
"group.id": config.KAFKA_GROUP_ID,
"default.topic.config": kafka.ConfigMap{"auto.offset.reset": "earliest"},
"auto.offset.reset": "earliest",
"ssl.ca.location": "./cloudkarafka.ca",
}
}
NB: The first file is outdated. So you have to download the second one cloudkarafka_2020_12.ca
Thanks @gwuah i tried that after seeing your comments but didnt make any difference .Trying upgrading open ssl now, can you tell me what openssl version are you using in your setup?
In case anyone is not able to connect to cloudkarafka due to handshake issues, see this file https://www.cloudkarafka.com/docs/faq.html