Reputation: 8172
Right now I have configured my Kafka server with a self-signed certificate.
version: '2'
services:
  zookeeper:
    image: wurstmeister/zookeeper:latest
    ports:
      - 2181:2181
    hostname: zookeeper
  kafka:
    image: wurstmeister/kafka:2.11-2.0.0
    command: [start-kafka.sh]
    ports:
      - 9093:9093
    hostname: kafka
    environment:
      KAFKA_LISTENERS: SSL://0.0.0.0:9093
      KAFKA_ADVERTISED_LISTENERS: SSL://alfrescokafka.leafycode.com:9093
      KAFKA_SSL_KEYSTORE_LOCATION: /home/amur42s/ssl/kafka.server.keystore.jks
      KAFKA_SSL_KEYSTORE_PASSWORD: oE4KJ9FVMjMXGpgpp0qwLzUDy0uz
      KAFKA_SSL_KEY_PASSWORD: oE4KJ9FVMjMXGpgpp0qwLzUDy0uz
      KAFKA_SSL_TRUSTSTORE_LOCATION: /home/amur42s/ssl/kafka.server.truststore.jks
      KAFKA_SSL_TRUSTSTORE_PASSWORD: 123
      KAFKA_ADVERTISED_HOST_NAME: 116.203.65.132 # docker-machine ip
      KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
      KAFKA_CREATE_TOPICS: ""
      KAFKA_SSL_CLIENT_AUTH: 'required'
      KAFKA_SECURITY_INTER_BROKER_PROTOCOL: 'SSL'
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /home/ssl:/home/ssl
    depends_on:
      - "zookeeper"
Unfortunately, I'm unable to connect to it using Kafka-node: TimeoutError: Request timed out after 30000ms. Looks like I need to set the ssl.truststore.location and ssl.truststore.password. How can I do this?
import * as kafka from 'kafka-node';

export const kafkaClientOptions = {
  kafkaHost: process.env.KAFKA_PRODUCER_HOST,
  ssl: true,
  sslOptions: {
    // the broker certificate is not verified with this setting
    rejectUnauthorized: false
  }
};
const client = new kafka.KafkaClient(kafkaClientOptions);
const Producer = kafka.Producer;
const producer = new Producer(client);
Upvotes: 4
Views: 4458
Reputation: 41
You shouldn't get a timeout error because of SSL misconfiguration, but here are the configs to set up a Kafka client with SSL:
ssl: true,
sslOptions: {
  key: fileManager.readFile("path/to/key"),
  cert: fileManager.readFile("path/to/cert"),
  ca: fileManager.readFile("path/to/ca"),
  passphrase: "your_passphrase"
}
Upvotes: 3
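An added example, not part of the original posts or of kafka-node: the broker above keeps its material in JKS stores and sets KAFKA_SSL_CLIENT_AUTH to 'required', while sslOptions is handed to Node's TLS socket, which reads PEM. The sketch below builds sslOptions from PEM buffers, rejects a .jks file with a clear error, and leaves broker verification on. The function names and file paths are hypothetical, and the PEM files are assumed to have been exported from the JKS stores.

```javascript
// Added example; classifyStore, requireKind, buildSslOptions and loadSslOptions are hypothetical names.
const fs = require('fs');

const JKS_MAGIC = Buffer.from([0xfe, 0xed, 0xfe, 0xed]); // header of a Java KeyStore file

// Classify key material so a .jks file is caught before it reaches the TLS socket.
function classifyStore(buf) {
  if (buf.length >= 4 && buf.subarray(0, 4).equals(JKS_MAGIC)) return 'jks';
  const text = buf.toString('latin1');
  if (/-----BEGIN CERTIFICATE-----/.test(text)) return 'pem-cert';
  if (/-----BEGIN (?:RSA |EC |ENCRYPTED )?PRIVATE KEY-----/.test(text)) return 'pem-key';
  return 'unknown';
}

function requireKind(name, buf, expected) {
  const kind = classifyStore(buf);
  if (kind === 'jks') {
    throw new Error(`${name}: Java KeyStore given, but Node's TLS stack needs PEM. ` +
      'Export it first, e.g. keytool -exportcert -rfc for the CA certificate.');
  }
  if (kind !== expected) throw new Error(`${name}: expected ${expected}, got ${kind}`);
  return buf;
}

// sslOptions for a broker with a self-signed/private CA and client auth required.
function buildSslOptions({ ca, cert, key, passphrase }) {
  const opts = {
    ca: [requireKind('ca', ca, 'pem-cert')],     // plays the role of the truststore
    cert: requireKind('cert', cert, 'pem-cert'), // client certificate (from the keystore)
    key: requireKind('key', key, 'pem-key'),     // client private key (from the keystore)
    rejectUnauthorized: true,                    // keep broker certificate verification on
  };
  if (passphrase) opts.passphrase = passphrase;  // only needed for an encrypted key
  return opts;
}

// File-based wrapper; the paths are placeholders for the exported PEM files.
function loadSslOptions(paths, passphrase) {
  return buildSslOptions({
    ca: fs.readFileSync(paths.ca),
    cert: fs.readFileSync(paths.cert),
    key: fs.readFileSync(paths.key),
    passphrase,
  });
}
// Usage: new kafka.KafkaClient({ kafkaHost, ssl: true, sslOptions: loadSslOptions({...}) })
```

With the CA supplied in `ca`, the self-signed chain verifies without turning `rejectUnauthorized` off.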