search

confluentinc / librdkafka

The Apache Kafka C/C++ library
Other
248 stars 3.15k forks source link

ssl.truststore.location, ssl.truststore.password, sasl.jaas.config : No such configuration property #1412

Closed Tushar1983 closed 7 years ago

Tushar1983 commented 7 years ago

Description

I am trying to publish a message to Kafka with following properties setting. security.protocol=SASL_SSL sasl.mechanism=SCRAM-SHA-256 ssl.truststore.location=/path_to/kafka.client.truststore.jks ssl.truststore.password=Welcome1 sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule required username="admin" password="Welcome1"

How to reproduce

Code snippet: void KafkaProducer::request() { std::string response = "success"; std::string topic_str = "batchindexer_topic"; std::string errstr; ExampleDeliveryReportCb ex_dr_cb; Json::FastWriter writer; try { RdKafka::Conf *conf = RdKafka::Conf::create(RdKafka::Conf::CONF_GLOBAL); if (conf->set("metadata.broker.list", "bzn00acf.****.com:9092", errstr)!= RdKafka::Conf::CONF_OK) { printf("metadata.broker.list : %s\n", errstr.c_str()); exit(1); }

    if (conf->set("security.protocol", "SASL_SSL", errstr)!= RdKafka::Conf::CONF_OK) {
        printf("security.protocol : %s\n", errstr.c_str());
                  exit(1);
    }

    if (conf->set("sasl.mechanisms", "SCRAM-SHA-256", errstr)!= RdKafka::Conf::CONF_OK) {
        printf("sasl.mechanism : %s\n", errstr.c_str());
                  exit(1);
    }

    if (conf->set("ssl.truststore.location", "/home/tussinha/RNowServers/BatchIndexer/KafkaKeystore/kafka.client.truststore.jks", errstr)!= RdKafka::Conf::CONF_OK) {
        printf("ssl.truststore.location : %s\n", errstr.c_str());
                  exit(1);
    }

    if (conf->set("ssl.truststore.password", "Welcome1", errstr)!= RdKafka::Conf::CONF_OK) {
        printf("ssl.truststore.password : %s\n", errstr.c_str());
                  exit(1);
    }

    if (conf->set("queue.buffering.max.ms", "0", errstr)!= RdKafka::Conf::CONF_OK) {
        printf("queue.buffering.max.ms : %s\n", errstr.c_str());
                  exit(1);
    }

    if (conf->set("sasl.jaas.config", "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"Welcome1\"", errstr)!= RdKafka::Conf::CONF_OK) {
        printf("sasl.jaas.config : %s\n", errstr.c_str());
                          exit(1);
    }

    if (conf->set("dr_cb", &ex_dr_cb, errstr)!= RdKafka::Conf::CONF_OK) {
        printf("dr_cb : %s\n", errstr.c_str());
                          exit(1);
    }

    RdKafka::Producer *producer = RdKafka::Producer::create(conf, errstr);

    Json::Value jsonData(Json::objectValue);
    jsonData["id"] = "1";
    jsonData["firstName"] = "Test";
    jsonData["lastName"] = "Contact1";
    jsonData["postalCode"] = "123456";

    std::string data = writer.write(jsonData);
    producer->produce(topic_str, RdKafka::Topic::PARTITION_UA, RdKafka::Producer::RK_MSG_COPY, const_cast<char *>(data.c_str()), data.size(), NULL, 0, 0, NULL);
    producer->poll(0);
}
catch (std::exception& e)
{
    printf("Exception :: %s", e.what());
    throw e;
}

Json::Value responseData(Json::objectValue);
responseData["message"] = response;
std::string resp = writer.write(responseData);
printf("Response:: %s",resp.c_str());

}

Result: ssl.truststore.location : No such configuration property: "ssl.truststore.location" ssl.truststore.password : No such configuration property: "ssl.truststore.password" sasl.jaas.config : No such configuration property: "sasl.jaas.config"

edenhill commented 7 years ago

Those are Java client configuration properties which make use of Java's JAAS framework and Java-specific trust/keystores. librdkafka (and its sibling clients) makes use of OpenSSL, see this guide how to set it up: https://github.com/edenhill/librdkafka/wiki/Using-SSL-with-librdkafka

sruthyts commented 7 years ago

@Tushar1983 Could you please share the steps you have taken to solve the issue. I have followed https://github.com/edenhill/librdkafka/wiki/Using-SSL-with-librdkafka and still facing issue in adding sasl.jaas.config

Tushar1983 commented 7 years ago

sasl.jaas.config is a java config not available in librdkafka. You will need to use sasl.mechanisms, ssl.ca.location, sasl.username, sasl.password etc in combination as per the configuration you have in your environment. For me I had mechanism = sals_ssl, so I used sasl.mechanisms, ssl.ca.location, sasl.username, sasl.password and it worked..

karthikkgc commented 5 years ago

@Tushar1983 Can you please help me with configuration for 'security.protocol': 'SASL_SSL' and 'sasl.mechanisms': 'PLAIN'

Still having confusion with ssl.ca.location setting, Please let me know the steps to create ca-cert file

YuntianCheng commented 9 months ago

sasl.jaas.config is a java config not available in librdkafka. You will need to use sasl.mechanisms, ssl.ca.location, sasl.username, sasl.password etc in combination as per the configuration you have in your environment. For me I had mechanism = sals_ssl, so I used sasl.mechanisms, ssl.ca.location, sasl.username, sasl.password and it worked..

which config for ssl.truststore.password in librdkafka