Hi Martin, thanks for the quick response. Let me clarify:
I am running kafka-topics.sh in a docker container that is not part of the cluster that I'm trying to create topics in. I am able to produce/consume over SSL/SASL from that same container, but that's because I can provide the producer/consumer auth properties inline in the command. The way I read your answer is that changing server.properties in the docker container will cause kafka-topics.sh/TopicAdmin to connect to the cluster via SSL/SASL. Is that correct? Thanks, Chris On Fri, Jul 19, 2019 at 11:57 AM Martin Gainty <mgai...@hotmail.com> wrote: > MG>below > > ________________________________ > From: Chris Constantin <chris.constan...@aligned.io> > Sent: Friday, July 19, 2019 2:09 PM > To: users@kafka.apache.org > Subject: topic admin over SSL/SASL > > Hi, > > How can the security.protocol config can be passed in to > 'kafka-topics'/TopicAdmin when creating topics? > I can pass > in -Djavax.net.ssl.trustStore, -Djavax.net.ssl.trustStorePassword > -Djava.security.auth.login.config via KAFKA_OPTS, but I can't figure out > how to set security.protocol > MG>Configure the following properties in > $KAFKA_HOME/config/producer.properties or > $KAFKA_HOME/config/consumer.properties: > security.protocol=SASL_PLAINTEXT (or SASL_SSL) > > and sasl.mechanism > MG>Configure the SASL mechanism for inter-broker communication in > $KAFKA_HOME/config/server.properties if using SASL for inter-broker > communication: > MG> sasl.mechanism.inter.broker.protocol=GSSAPI (or PLAIN) > > MG>examples should be located in > tests/kafkatest/services/kafka/templates/kafka.properties > > Thank you, > Chris > MG>HTH > -- *Chris Constantin* Chief Architect, Aligned Software Solutions Inc. T: 604 259 7676 | C: 778 838 1550 | aligned.software
