Hi Yingjie, No worries! Glad to help! Luke
On Tue, Nov 23, 2021 at 5:52 PM yingjie zou <yingjiez...@gmail.com> wrote: > Hi Luke, > > This solved my problem. > I'm sorry to trouble you because I didn't read the document carefully. > Thank you very much. > > > Yingjie Zou > > On Tue, Nov 23, 2021 at 2:20 PM Luke Chen <show...@gmail.com> wrote: > > > Hi Yingjie, > > > However, I meet a problem. If I need to add, remove or renew the > > certificate to Kafka’s truststore, Kafka requires a reboot which would > > impact the service available for other teams. > > > > > So I want to know if there is a better way to support the change of > > Kafka’s > > certificate without impacting the service availability? > > > > Yes, Kafka supports dynamically updating broker's configuration. Please > > check here: https://kafka.apache.org/documentation/#dynamicbrokerconfigs > , > > there's a section talking about "Updating SSL Truststore of an Existing > > Listener", which should be what you're looking for. > > > > Good luck. > > > > Thank you. > > Luke > > > > On Tue, Nov 23, 2021 at 1:12 PM yingjie zou <yingjiez...@gmail.com> > wrote: > > > > > Hi, > > > > > > Currently, we are going to provide Kafka services to 20+ development > > teams > > > in my company, we’d like to provide that as multi-tenancy - the > different > > > team has different authentication. And we try to use the Kafka mTLS > > > solution. > > > > > > However, I meet a problem. If I need to add, remove or renew the > > > certificate to Kafka’s truststore, Kafka requires a reboot which would > > > impact the service available for other teams. > > > > > > So I want to know if there is a better way to support the change of > > Kafka’s > > > certificate without impacting the service availability? > > > > > > Any help is appreciated. > > > > > > Thanks. > > > Yingjie Zou > > > > > >
