Hello,
The latest docs (https://kafka.apache.org/documentation/#security_overview)
give the following command in section 7.2.1 "[t]o generate certificate
signing requests":
keytool -keystore server.keystore.jks -alias localhost -validity {validity}
-genkey -keyalg RSA -destkeystoretype pkcs12 -ext
SAN=DNS:{FQDN},IP:{IPADDRESS1}
This is clearly not the correct command given it uses the "-genkey" flag as
opposed to the "-certreq" flag.
The docs for version 2.5 (https://kafka.apache.org/25/documentation.html)
have the correct CSR generation command in section 7.2.3. It looks like
section 7 has been rewritten between these versions and the correct CSR
generation command has been removed.
Am I correct in thinking this is wrong? If so, how can I raise this as an
issue?
Thanks
