Re: SSL certificate CN validation against FQDN in v0.9

2016-06-01 Thread Ismael Juma
the > accepted definition? > > Thanks, > Martin > __ > > > > > From: ism...@juma.me.uk > > Date: Wed, 1 Jun 2016 11:31:58 +0100 > > Subject: Re: SSL certificate CN validation against FQDN in v0.9 > > To: use

Re: SSL certificate CN validation against FQDN in v0.9

2016-06-01 Thread Ismael Juma
ty >> ismael can you change ssl.endpoint.identification.algorithm property to >> ssl.endpoint.identification.protocol so the property matches what the >> accepted definition? >> >> Thanks, >> Martin >> __________________ >> >>

RE: SSL certificate CN validation against FQDN in v0.9

2016-06-01 Thread Martin Gainty
what the accepted definition? Thanks, Martin __ > From: ism...@juma.me.uk > Date: Wed, 1 Jun 2016 11:31:58 +0100 > Subject: Re: SSL certificate CN validation against FQDN in v0.9 > To: users@kafka.apache.org > > Hi Phil, > >

Re: SSL certificate CN validation against FQDN in v0.9

2016-06-01 Thread Ismael Juma
Hi Phil, You are right that the check is not done by default. We have a couple of JIRAs tracking that: https://issues.apache.org/jira/browse/KAFKA-3665 https://issues.apache.org/jira/browse/KAFKA-3667 Enabling the check is a matter of setting `ssl.endpoint.identification.algorithm` to `https`, b

Re: SSL certificate CN validation against FQDN in v0.9

2016-06-01 Thread Gerard Klijs
We use almost the same properties (the same if you account for defaults), and have not seen any check whether the FQDN matches the CN, as it's all working without matching names. It seems the requirement is only needed if you use SASL_SSL as security protocol, which from your config you don't seem to