Kafka checks the validity of SSL certificates keystore or trust store?

2021-08-12 Thread Deepak Jain
Hello, We are using Kafka for data uploading via SSL. While doing the SSL certificate expiry test, we found that Kafka checks the expiry of keystore and does not start when the current date exceed the validity end date of keystore and dump the following exception in server.log

RE: Kafka checks the validity of SSL certificates keystore or trust store?

2021-08-16 Thread Deepak Jain
Hello, Can anyone help me provide the below information: Kafka SSL checks the validity of which SSL certificate: keystore or trust store while checking the expiry condition? Thanks in advance! Best regards, Deepak From: Deepak Jain Sent: 12 August 2021 15:01 To: users@kafka.apache.org Cc

Kafka does not check the expiry of SSL certificates if host.cer is included in truststore ?

2021-08-25 Thread Deepak Jain
Hello fellow Kafka users, I have came across this behaviour of kafka while using it in SASL_SSL mode. My observations are: When we exclude the host.cer => Expiry date of certificate[1] in certificate chain of Keystore is consider. When we include the host.cer => No expiry is check even for all

Log4j 2.x preview for Kafka

2021-12-22 Thread Deepak Jain
Hi Luke, We are using Kafka 2.8.1 Broker/Client system in our prod env. Due to the Log4j vulnerability CVE-2021-44228, CVE-2021-45046, CVE-2021-4104 and CVE-2021-45105, we are waiting for kafka to upgrade to Log4j 2.17. However, we came across following link in which there is a preview for the

Re: Log4j 2.x preview for Kafka

2021-12-22 Thread Deepak Jain
e.org/cve-list If you are using non-upstream Kafka distro that includes log4j2, then check with that vendor for additional information I hope this helps Israel Ekpo Lead Instructor, IzzyAcademy.com https://izzyacademy.com/ On Wed, Dec 22, 2021 at 10:58 AM Deepak Jain < deepak.j...

RE: Log4j 2.x preview for Kafka

2021-12-22 Thread Deepak Jain
cludes log4j2, then > check with that vendor for additional information > > I hope this helps > > Israel Ekpo > Lead Instructor, IzzyAcademy.com > https://izzyacademy.com/ > > > On Wed, Dec 22, 2021 at 10:58 AM Deepak Jain < > deepak.j...@cumulus-systems.com> wrote: &

Kafka Log4j2.x upgrade plan

2022-01-20 Thread Deepak Jain
Hi Luke, We are using Kafka 2.8.1 Broker/Client system in our prod env. Due to the Log4j vulnerability CVE-2021-44228, CVE-2021-45046, CVE-2021-4104 and CVE-2021-45105, we are waiting for kafka to upgrade to Log4j 2.17. Our Customers are asking why Kafka is using obsolete log4j1.x version. Ple

Random continuous NetworkException on client and EOFException on server.log

2022-01-27 Thread Deepak Jain
Hello Everyone, We are using Kafka 2.8.1 Broker/Client system in our prod env. Getting following exception randomly after 1 hour or so. java.util.concurrent.ExecutionException: org.apache.kafka.common.errors.NetworkException: Disconnected from node 0 at org.apache.kafka.clients.produce

RE: Random continuous NetworkException on client and EOFException on server.log

2022-01-27 Thread Deepak Jain
: Disconnected from node 0. Going to request metadata update now -Original Message- From: Deepak Jain Sent: 27 January 2022 21:14 To: users@kafka.apache.org Subject: Random continuous NetworkException on client and EOFException on server.log Hello Everyone, We are using Kafka 2.8.1

RE: Kafka Log4j2.x upgrade plan

2022-02-11 Thread Deepak Jain
: 21 January 2022 12:35 To: Deepak Jain Cc: users@kafka.apache.org; Alap Patwardhan Subject: Re: Kafka Log4j2.x upgrade plan Hi Deepak, So far, we don't have an ETA for log4j2. Please check this discussion: https://issues.apache.org/jira/browse/KAFKA-9366 Thank you. Luke On Fri, Jan 21, 20

RE: Kafka Log4j2.x upgrade plan

2022-02-11 Thread Deepak Jain
From: Luke Chen Sent: 11 February 2022 18:15 To: Deepak Jain Cc: users@kafka.apache.org; Alap Patwardhan Subject: Re: Kafka Log4j2.x upgrade plan Hi Deepak, The PR to upgrade to log4j 2 is already under review. And so far it looks good. So I think it's possible to be merged into v3.2.0

Java 8 support in Kafka 3.1.1 release

2022-04-06 Thread Deepak Jain
Hi Luke, Our application uses Java 8 but it seems the java 8 support is deprecated from Kafka 3.0.0 release onwards. Please let us know can we still use Java 8 in Kafka upcoming release 3.1.1? Regards, Deepak

Random continuous TimeoutException with Topic not present on one KafkaProducer out of many in multithreaded env

2022-06-02 Thread Deepak Jain
ing the root cause for it? Regards, Deepak Jain Cumulus Systems

RE: Random continuous TimeoutException with Topic not present on one KafkaProducer out of many in multithreaded env

2022-06-06 Thread Deepak Jain
Hello All, Please help me out in this regard as the Customer has reported this on their production environment and waiting for our reply ASAP. Regards, Deepak From: Deepak Jain Sent: 02 June 2022 20:53 To: 'users@kafka.apache.org' Cc: 'Luke Chen' ; Alap Patwardhan ; Bh

RE: Random continuous TimeoutException with Topic not present on one KafkaProducer out of many in multithreaded env

2022-06-06 Thread Deepak Jain
e traffic ,produce "buffer" and "batch.size" On Mon, Jun 6, 2022 at 6:53 PM Deepak Jain wrote: > Hello All, > > Please help me out in this regard as the Customer has reported this on > their production environment and waiting for our reply ASAP. > > Regards, >

RE: Random continuous TimeoutException with Topic not present on one KafkaProducer out of many in multithreaded env

2022-06-07 Thread Deepak Jain
though the topic is created and used but it still throws this exception and fails the operation. Regards, Deepak From: Luke Chen Sent: 07 June 2022 11:46 To: Deepak Jain Cc: users@kafka.apache.org Subject: Re: Random continuous TimeoutException with Topic not present on one KafkaProducer out of

Inquiry about using SSL encryption and SASL authentication for Kafka without specifying IP address in SAN in the CA certificate

2022-07-07 Thread Deepak Jain
entry in /etc/hosts file Can you please let us know: 1. Is IP and DNS both field mandatory in SAN for Kafka Certificates? 2. If no, why the communication is failing without the IP? Regards, Deepak Jain Cumulus Systems

RE: Inquiry about using SSL encryption and SASL authentication for Kafka without specifying IP address in SAN in the CA certificate

2022-07-12 Thread Deepak Jain
Hello, Can anyone please help me regarding the below query regarding SSL communication in Kafka: Query: Is there any way to enable the hostname verification for Kafka communication between broker and client without specifying the IP address in SAN? Regards, Deepak From: Deepak Jain Sent: 08

RE: Inquiry about using SSL encryption and SASL authentication for Kafka without specifying IP address in SAN in the CA certificate

2022-07-14 Thread Deepak Jain
12, 2022 at 7:40 PM Deepak Jain wrote: > Hello, > > Can anyone please help me regarding the below query regarding SSL > communication in Kafka: > > Query: Is there any way to enable the hostname verification for Kafka > communication between broker and client wi

Kafka process fails to start when special character is present in Keystore password in SSL encryption and SASL authentication

2025-03-26 Thread Deepak Jain
is related to shell interpretation, we have tried all publicly available solutions (like passing the password in env variable, backlashing the special character in the passwords and etc), but the issue persists. Please help us to understand the issue and provide any solution. Regards, Deepak Jain Cumulus Systems

Re: Kafka process fails to start when special character is present in Keystore password in SSL encryption and SASL authentication

2025-03-27 Thread Deepak Jain
nfirm with the sender before opening attachments or clicking links inside the email. Hej, Look here: https://en.m.wikipedia.org/wiki/Percent-encoding *__* *Regards,* *Maciej Małecki* wt., 25 mar 2025, 11:30 użytkownik Deepak Jain < deepak.j...@cumulus-systems.com> nap

Re: Kafka process fails to start when special character is present in Keystore password in SSL encryption and SASL authentication

2025-04-01 Thread Deepak Jain
Hello Kafka users, We are really stuck in this issue where we cannot use the special character in the keystore (and truststore) password from the shell. We would we grateful for any possible solution. Regards, Deepak From: Deepak Jain Sent: Friday, March 28