[jira] [Commented] (KAFKA-10731) have kafka producer & consumer auto-reload ssl certificate

Moncef Abboud (Jira) Fri, 29 Nov 2024 10:53:09 -0800


    [ 
https://issues.apache.org/jira/browse/KAFKA-10731?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17901974#comment-17901974
 ]


Moncef Abboud commented on KAFKA-10731:
---------------------------------------

I initiated a [PR|https://github.com/apache/kafka/pull/17987] for this. Please 
feel free to take a look.

> have kafka producer & consumer  auto-reload ssl certificate 
> ------------------------------------------------------------
>
>                 Key: KAFKA-10731
>                 URL: https://issues.apache.org/jira/browse/KAFKA-10731
>             Project: Kafka
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 2.3.1
>            Reporter: Yu Yang
>            Assignee: Moncef Abboud
>            Priority: Major
>
> We use SSL in both brokers and kafka clients for authenticate and 
> authorization, and rotates the certificates every 12 hours.  Kafka producers 
> and consumer cannot pick up the rotated certs. This causes stream processing 
> interruption (e.g.  flink connector does not handle ssl exception, and the 
> flink applicatoin has to be restarted when we hit this error).  We need to 
> improve kafka producer & client to support ssl certificate dynamic loading. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (KAFKA-10731) have kafka producer & consumer auto-reload ssl certificate

Reply via email to