Hi Nikolay,

You can use OpenSSL s_client to check all these things.

https://www.openssl.org/docs/manmaster/man1/s_client.html

--
Igor

On Wed, Dec 2, 2020, at 5:44 PM, Nikolay Izhikov wrote:
> Hello.
> 
> Kafka has an ability to configure SSL connections between brokers and clients.
> SSL certificates has different params such as
>       *       issuer
>       *       CN
>       *       validity date 
> and so on.
> 
> Values of these parameters important during maintenance:
>       *       checking correctness of deployment
>       *       planning for certification renewal (validity date)
> 
> AFAIK, Kafka doesn’t have a standard way to expose parameters of 
> configured SSL certificates.
> 
> I think we can return those parameters as a result of some Admin command.
> 
> `./bin/kafka-configs.sh —entity-type ssl-certificates —describe` 
> 
> What do you think?
> I can create KIP if this idea is supported by the community.

Reply via email to