[Question] How to get CA? My local client cannot verify certificate without it.

lensesio / fast-data-dev

Kafka Docker for development. Kafka, Zookeeper, Schema Registry, Kafka-Connect, , 20+ connectors

https://lenses.io

Apache License 2.0

2.02k stars 331 forks source link

[Question] How to get CA? My local client cannot verify certificate without it. #108

Closed Nervniyak closed 5 years ago

Nervniyak commented 5 years ago

I had to convert .jks keystore to .p12 keystore and my local consumer cannot connect without verifying the certificate issuer. %3|1558026976.686|ERROR|rdkafka#producer-1| [thrd:ssl://localhost:9093/bootstrap]: ssl://localhost:9093/bootstrap: Failed to verify broker certificate: unable to get local issuer certificate (after 26ms in state CONNECT)

I grabbed keystore from /certs

How can I fix this step?

Nervniyak commented 5 years ago

CA in my case was required to be .pem which I extracted from truststore.jks keytool -importkeystore -srckeystore truststore.jks -destkeystore truststore.p12 -deststoretype PKCS12

openssl pkcs12 -in truststore.p12 -nokeys -out truststore.cer.pem