search

kafka4beam / brod

Apache Kafka client library for Erlang/Elixir
Apache License 2.0
661 stars 198 forks source link

Authenticity is not established by certificate path validation", Reason: "Option {verify, verify_peer} and cacertfile/cacerts is missing #576

Closed Vkutovoy92 closed 5 months ago

Vkutovoy92 commented 5 months ago

Hi, I have the driver 3.17.1 and Erlang 24, after update to 24 I see the warning: "Authenticity is not established by certificate path validation", Reason: "Option {verify, verify_peer} and cacertfile/cacerts is missing" and [error] Failed to connect to kafka-a-venom-05.nosql.it.loc:6667, Make sure connecting to a 'SSL://' listener

And I can't work with kafka.

My config is

    {brod, [
        {clients, [
            {client_pb, [
                {auto_start_producers, true},
                {default_producer_config, []},
                {endpoints, [
                    {"kafka-a-venom-04.nosql.it.loc", 6667},
                    {"kafka-a-venom-05.nosql.it.loc", 6667},
                    {"kafka-a-venom-06.nosql.it.loc", 6667},
                    {"kafka-a-venom-07.nosql.it.loc", 6667},
                    {"kafka-a-venom-08.nosql.it.loc", 6667},
                    {"kafka-a-venom-09.nosql.it.loc", 6667},
                    {"kafka-a-venom-10.nosql.it.loc", 6667}
                ]},
                {ssl, [
                    {certfile, "config/production/store.crt"},
                    {keyfile, "config/production/store.key"},
                    {cacertfile, "config/production/site.pem"}
            ]}
          ]}
        ]}
    ]},

How to fix it? Thank's

zmstone commented 5 months ago

Add {verify, verify_none} to ssl options.

Vkutovoy92 commented 5 months ago

Add {verify, verify_none} to ssl options.

Thank's, it works!