[
https://issues.apache.org/jira/browse/KAFKA-8843?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16918834#comment-16918834
]
Pere Urbon-Bayes commented on KAFKA-8843:
-----------------------------------------
link to the related KIP:
[https://cwiki.apache.org/confluence/display/KAFKA/KIP-515%3A+Enable+ZK+client+to+use+the+new+TLS+supported+authentication]
> Zookeeper migration tool support for TLS
> ----------------------------------------
>
> Key: KAFKA-8843
> URL: https://issues.apache.org/jira/browse/KAFKA-8843
> Project: Kafka
> Issue Type: Bug
> Reporter: Pere Urbon-Bayes
> Assignee: Pere Urbon-Bayes
> Priority: Minor
>
> Currently zookeeper-migration tool works based on SASL authentication. What
> means only digest and kerberos authentication is supported.
>
> With the introduction of ZK 3.5, TLS is added, including a new X509
> authentication provider.
>
> To support this great future and utilise the TLS principals, the
> zookeeper-migration-tool script should support the X509 authentication as
> well.
>
> In my newbie view, this should mean adding a new parameter to allow other
> ways of authentication around
> [https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/admin/ZkSecurityMigrator.scala#L65.
>
> |https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/admin/ZkSecurityMigrator.scala#L65]
>
> If I understand the process correct, this will require a KIP, right?
>
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
