I noted that TLS support with mutual TLS authentication does not appear to be working correctly, resulting in no certificates being sent in response to a certificate request. Since no certificates are presented, the Kafka broker disconnects the client.
From the console, we can see the contents of sslOptions, which is not aligned with the documentation of Nodejs's TLS module.
7 Mar 15:44:27 - [debug] Kafka Broker {"label":"getKafkaClient sslOptions","properties":["rejectUnauthorized","certdata","keydata","cadata"]}
I guess, this may be a bug which was introduced by this deletion, back in 2020. Instead of calling tlsNode.addTLSOptions(), the contents of credentials are now copied directly to sslOptions via assign().
Unfortunately, I cannot tell whether reverting this change is really the answer, as I am inexperienced when it comes to Nodejs development & that commit's message only says the change "fixed tls".
But I have tried to add it back, replacing this part of kafkaBroker.js:
Hi,
I noted that TLS support with mutual TLS authentication does not appear to be working correctly, resulting in no certificates being sent in response to a certificate request. Since no certificates are presented, the Kafka broker disconnects the client.
From the console, we can see the contents of sslOptions, which is not aligned with the documentation of Nodejs's TLS module.
I guess, this may be a bug which was introduced by this deletion, back in 2020. Instead of calling tlsNode.addTLSOptions(), the contents of credentials are now copied directly to sslOptions via assign().
Unfortunately, I cannot tell whether reverting this change is really the answer, as I am inexperienced when it comes to Nodejs development & that commit's message only says the change "fixed tls".
But I have tried to add it back, replacing this part of kafkaBroker.js:
....with this:
And I am able to get a working TLS connection, with the same settings. The log also shows the change:
Steps to replicate the issue: