Hi, the error looks like a missing configuration value. A good source of examples how to set up security can be found at https://github.com/purbon/kafka-security-playbook or https://docs.confluent.io/current/kafka/authentication_ssl.html.
i would verify them and see if you're using the same configuration and properly setup certificate stores. I hope it helps, -- Pere On Thu, 22 Aug 2019, 05:49 Antony A <antonyaugus...@gmail.com> wrote: > Hi, > > I have followed the steps to secure the brokers using SSL. I have signed > the server certificate using internal CA. I have the keystore with server > certificate, private key and the CA. Also the truststore has only the CA. > > Unfortunately I am unable to start the broker with the following server > properties > > isteners=SSL://:9092 > security.inter.broker.protocol=SSL > ssl.client.auth=required > > ssl.truststore.location=/tmp/kafka.server.truststore.jks > ssl.truststore.password=password > ssl.keystore.location=/tmp/kafka.server.keystore.jks > ssl.keystore.password=password > ssl.key.password=password > > # ACLs > authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer > super.users=User:kafkabroker > > > Here is the error in the logs > > org.apache.kafka.common.KafkaException: > org.apache.kafka.common.config.ConfigException: Invalid value > javax.net.ssl.SSLHandshakeException: General SSLEngine problem for > configuration A client SSLEngine created with the provided settings can't > connect to a server SSLEngine created with those settings. > > Any pointers on what to do? > > Thanks, > Antony > > PS: Kafka Version 2.3 >
