search

quarkusio / quarkus

Quarkus: Supersonic Subatomic Java.
https://quarkus.io
Apache License 2.0
13.36k stars 2.56k forks source link

Allows the Kafka client to be configured using the TLS registry #41503

Open cescoffier opened 1 week ago

cescoffier commented 1 week ago

Description

Allows the Kafka client to be configured with the TLS registry (for the TLS aspect of it).

Basically, when kafka.tls-configuration-name is set, we need to locate the TLS configuration from the registry and set:

security.protocol=SSL
ssl.truststore.location=/var/private/ssl/kafka.client.truststore.jks  
ssl.truststore.password=test1234. # Trust store password
ssl.keystore.location=/var/private/ssl/kafka.client.keystore.jks  
ssl.keystore.password=test1234 # Key store password
ssl.key.password=test1234 # Alias password

Unfortunately, the KAfka configuration only accepts files. This means we would need to extract these files from the configuration and cannot use the already processed KeyStore instances.

Implementation ideas

No response

quarkus-bot[bot] commented 1 week ago

/cc @alesj (kafka), @ozangunalp (kafka), @radcortez (config)