SSL Security Configuration
Describes how to configure Kafka Connect security on a HPE Ezmeral Data Fabric cluster.
Secure by Default
As of Core 6.0, the Installer performs the Kafka Connect configuration for new
installations. This means that:
- If core is installed as secure, then Kafka Connect is also installed as secure.
- If core is installed as unsecure, then Kafka Connect is also installed as unsecure.
Manually Securing Kafka Connect Only
CAUTION
This configuration is not a typical configuration.If you have an unsecure HPE Ezmeral Data Fabric cluster, and you want to secure Kafka Connect, do the following:
- Generate the server and client certificates.
- Add any necessary property configurations to the
connect-distributed.properties
configuration file. For example:listeners=http://0.0.0.0:8083 ssl.keystore.location=<ssl-keystore-path> ssl.keystore.password=<ssl-keystore-password> ssl.key.password=<ssl-keystore-password>
- Restart Kafka
Connect.
maprcli node services -name kafka-connect -action restart -nodes <space delimited list of nodes>
- Run a curl command to ensure that HTTPS is enabled.
curl -X GET https://node1:8083/connectors --cacert <certificate-path>