Hi Nikolay, You can use OpenSSL s_client to check all these things.
https://www.openssl.org/docs/manmaster/man1/s_client.html -- Igor On Wed, Dec 2, 2020, at 5:44 PM, Nikolay Izhikov wrote: > Hello. > > Kafka has an ability to configure SSL connections between brokers and clients. > SSL certificates has different params such as > * issuer > * CN > * validity date > and so on. > > Values of these parameters important during maintenance: > * checking correctness of deployment > * planning for certification renewal (validity date) > > AFAIK, Kafka doesn’t have a standard way to expose parameters of > configured SSL certificates. > > I think we can return those parameters as a result of some Admin command. > > `./bin/kafka-configs.sh —entity-type ssl-certificates —describe` > > What do you think? > I can create KIP if this idea is supported by the community.