(DEPRECATED) Apache Flink User Mailing List archive.

#kafka/#ssl: how to enable ssl authentication for a new kafka consumer?

Classic

List

Threaded

8 messages Options

alex.decastro

#kafka/#ssl: how to enable ssl authentication for a new kafka consumer?

Dear flinkers,
I'm consuming from a kafka broker in a server that has ssl authentication enabled? How do I config my consumer to compy with it?

Many thanks
Alex

rmetzger0

Re: #kafka/#ssl: how to enable ssl authentication for a new kafka consumer?

Check out the documentation: https://ci.apache.org/projects/flink/flink-docs-release-1.2/dev/connectors/kafka.html#enabling-kerberos-authentication-for-versions-09-and-above-only

On Wed, Feb 8, 2017 at 4:40 PM, alex.decastro <[hidden email]> wrote:

Dear flinkers,
I'm consuming from a kafka broker in a server that has ssl authentication
enabled? How do I config my consumer to compy with it?

Many thanks
Alex

--
View this message in context: http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/kafka-ssl-how-to-enable-ssl-authentication-for-a-new-kafka-consumer-tp11532.html
Sent from the Apache Flink User Mailing List archive. mailing list archive at Nabble.com.

alex.decastro

Re: #kafka/#ssl: how to enable ssl authentication for a new kafka consumer?

Thanks Robert.
As a beginner Flinker, hot to tell my Flink app (in Intellij say) where the flink-conf.yaml is.

Alex

alex.decastro

Re: #kafka/#ssl: how to enable ssl authentication for a new kafka consumer?

In reply to this post by alex.decastro

I found a similar question and answer at #stackoverflow
http://stackoverflow.com/questions/37743194/local-flink-config-running-standalone-from-ide

Verify?

rmetzger0

Re: #kafka/#ssl: how to enable ssl authentication for a new kafka consumer?

I've added another answer on SO that explains how you can pass a custom configuration object to the execution environment.

On Thu, Feb 9, 2017 at 11:09 AM, alex.decastro <[hidden email]> wrote:

I found a similar question and answer at #stackoverflow
http://stackoverflow.com/questions/37743194/local-flink-config-running-standalone-from-ide

Verify?

--
View this message in context: http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/kafka-ssl-how-to-enable-ssl-authentication-for-a-new-kafka-consumer-tp11532p11539.html

Sent from the Apache Flink User Mailing List archive. mailing list archive at Nabble.com.

alex.decastro

Re: #kafka/#ssl: how to enable ssl authentication for a new kafka consumer?

Cool, thanks. Just checked it.

One last question:

if the server hosting my Kafka broker has only SSL enabled, but not SASL (Kerberos) how to go about enabling connection authentication between client consumer and broker?

Same for data transfer?

Tzu-Li (Gordon) Tai

Re: #kafka/#ssl: how to enable ssl authentication for a new kafka consumer?

Hi Alex,

Kafka authentication and data transfer encryption using SSL can be simply done be configuring brokers and the connecting client.

You can take a look at this: https://kafka.apache.org/documentation/#security_ssl.

The Kafka client that the Flink connector uses can be configured through the `Properties` configuration provided when instantiating `FlinkKafkaConsumer`. You just need to set values for these config properties: https://kafka.apache.org/documentation/#security_configclients.

Note that SSL truststore / keystore locations must exist on all of your Flink TMs for this to work.

Hope this helps!

- Gordon

tunm4

Re: #kafka/#ssl: how to enable ssl authentication for a new kafka consumer?

I aslo meet this problem. Can you share me solutions?
Thank you so much!