How to connect with Zookeeper 3.5.7 with mTLS

[tanuj83]

my Zookeeper for CMAK is running 3.5.7 with mTLS, how can I connect CMAK to ZK the basic requirement for CMAK run before adding any cluster.

cmak.zkhosts ==> this ZK is using mTLS

application.conf cmak.zkhosts="kafka-manager-zookeeper:2181" cmak.zkhosts=${?ZK_HOSTS}

I tried to configure keystore/truststore in default/cmak and consumer.config too but getting handshake error in ZK logs

[tanuj83]

Also can not add cluster where ZK is SSL only, how to add that cluster in CMAK

[ndobbs]

Same issues here - now that zookeeper supports inter-broker SSL and TLS, this will be a standard configuration for many people moving forward.

https://cwiki.apache.org/confluence/display/KAFKA/KIP-515%3A+Enable+ZK+client+to+use+the+new+TLS+supported+authentication

[techguy0079]

we are using Kafka 2.5 and ZK 3.5.7 . mutual TLS for Kafka seems to be working fine but CMAK doesn't support TLS for ZK connections. We are not using any SASL authentication instead using end to end mutual TLS. will CMAK be updated to support TLS connection to ZK cluster?

[abhinav-jain09]

same issue here . we would like to use only mutual TLS not the SASL authentication with zookeeper broker connection to zookeeper works but not CMAK . is there any plan to implement it?

[siva626]

+1