Hi Luke, This solved my problem. I'm sorry to trouble you because I didn't read the document carefully. Thank you very much.
Yingjie Zou On Tue, Nov 23, 2021 at 2:20 PM Luke Chen <show...@gmail.com> wrote: > Hi Yingjie, > > However, I meet a problem. If I need to add, remove or renew the > certificate to Kafka’s truststore, Kafka requires a reboot which would > impact the service available for other teams. > > > So I want to know if there is a better way to support the change of > Kafka’s > certificate without impacting the service availability? > > Yes, Kafka supports dynamically updating broker's configuration. Please > check here: https://kafka.apache.org/documentation/#dynamicbrokerconfigs , > there's a section talking about "Updating SSL Truststore of an Existing > Listener", which should be what you're looking for. > > Good luck. > > Thank you. > Luke > > On Tue, Nov 23, 2021 at 1:12 PM yingjie zou <yingjiez...@gmail.com> wrote: > > > Hi, > > > > Currently, we are going to provide Kafka services to 20+ development > teams > > in my company, we’d like to provide that as multi-tenancy - the different > > team has different authentication. And we try to use the Kafka mTLS > > solution. > > > > However, I meet a problem. If I need to add, remove or renew the > > certificate to Kafka’s truststore, Kafka requires a reboot which would > > impact the service available for other teams. > > > > So I want to know if there is a better way to support the change of > Kafka’s > > certificate without impacting the service availability? > > > > Any help is appreciated. > > > > Thanks. > > Yingjie Zou > > >
