lensesio / fast-data-dev

Kafka Docker for development. Kafka, Zookeeper, Schema Registry, Kafka-Connect, , 20+ connectors
https://lenses.io
Apache License 2.0
2.02k stars 333 forks source link

[Question] How to get CA? My local client cannot verify certificate without it. #108

Closed Nervniyak closed 5 years ago

Nervniyak commented 5 years ago

I had to convert .jks keystore to .p12 keystore and my local consumer cannot connect without verifying the certificate issuer. %3|1558026976.686|ERROR|rdkafka#producer-1| [thrd:ssl://localhost:9093/bootstrap]: ssl://localhost:9093/bootstrap: Failed to verify broker certificate: unable to get local issuer certificate (after 26ms in state CONNECT)

I grabbed keystore from /certs image

How can I fix this step?

Nervniyak commented 5 years ago

CA in my case was required to be .pem which I extracted from truststore.jks keytool -importkeystore -srckeystore truststore.jks -destkeystore truststore.p12 -deststoretype PKCS12

openssl pkcs12 -in truststore.p12 -nokeys -out truststore.cer.pem