No. There is quorum SSL between zookeeper servers on different ports. https://zookeeper.apache.org/doc/current/zookeeperAdmin.html#Quorum+TLS
Note: please don’t use in production self signed certificates and put in your trust store the CAs. Client ports are for clients > Am 30.07.2019 um 12:41 schrieb Nayak, Soumya R. <sna...@firstam.com>: > > Thanks Harsha for the link. > > As I am using a zookeeper cluster. > In the below link there is a mention that no SSL support is there between > zookeeper servers. (Any future version that would have this feature) > > So is it that the zookeeper servers will talk to each other on the ClientPort > - 2181 and the kafka brokers will talk to these zookeeper servers over SSL on > the secureClientPort - 2281. > > Please confirm if its correct or anything I am missing. > > Regards, > Soumya > > -----Original Message----- > From: Harsha <ka...@harsha.io> > Sent: Monday, July 29, 2019 4:26 PM > To: users@kafka.apache.org > Subject: Re: TLS Communication in With Zookeeper Cluster > > Here is the guide > https://cwiki.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+SSL+User+Guide > you need zookeeper 3.5 or higher for TLS. > >> On Mon, Jul 29, 2019, at 1:21 AM, Nayak, Soumya R. wrote: >> Hi Team, >> >> Is there any way mutual TLS communication set up can be done with >> zookeeper. If any references, can you please let me know. >> >> I am trying to set up a Zookeeper cluster (3 Zookeepers) and Kafka >> cluster (4 Kafka Brokers) using docker images in Azure Ubuntu VM >> servers. >> >> >> Also, there is a new protocol of RAFT-ETCD . How is it when compared >> to Kafka Zookeeper set up? >> >> Regards, >> Soumya >> >> ********************************************************************** >> ******************** This message may contain confidential or >> proprietary information intended only for the use of the >> addressee(s) named above or may contain information that is legally >> privileged. If you are not the intended addressee, or the person >> responsible for delivering it to the intended addressee, you are >> hereby notified that reading, disseminating, distributing or copying >> this message is strictly prohibited. If you have received this message >> by mistake, please immediately notify us by replying to the message >> and delete the original message and any copies immediately thereafter. >> >> If you received this email as a commercial message and would like to >> opt out of future commercial messages, please let us know and we will >> remove you from our distribution list. >> >> Thank you.~ >> ********************************************************************** >> ******************** >> FAFLD >>
