[jira] [Resolved] (KAFKA-16049) Can you please share tutorial how to run Latest Kafka (3.6.0) with SASL_SSL

Fri, 17 Oct 2025 16:30:10 -0700 


     [ 
https://issues.apache.org/jira/browse/KAFKA-16049?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Matthias J. Sax resolved KAFKA-16049.
-------------------------------------
    Resolution: Invalid

[~petr_kostroun] – we use Jira to track bug reports and feature request.

For question like yours, please reach out to the user mailing list: 
https://kafka.apache.org/contact

> Can you please share tutorial how to run Latest Kafka (3.6.0) with SASL_SSL
> ---------------------------------------------------------------------------
>
>                 Key: KAFKA-16049
>                 URL: https://issues.apache.org/jira/browse/KAFKA-16049
>             Project: Kafka
>          Issue Type: Task
>          Components: config
>    Affects Versions: 3.6.0
>            Reporter: Petr Kostroun
>            Priority: Major
>              Labels: newbie
>
> Can you please share tutorial how to use SASL_SSL with Kafka version 3.6.0?
>  
> I use this config for zookeeper.properties:
> authProvider.sasl=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
>  
> I use this config for zookeeper.jaas.config:
> Server
> {        org.apache.zookeeper.server.auth.DigestLoginModule required        
> user_super="adminsecret"        user_admin="kafka123"; }
> ;
>  
> I use this config for server.properties:
>  
> sasl.enabled.mechanisms=SCRAM-SHA-256
> listeners=SASL_SSL://localhost:9092
> advertised.listeners=SASL_SSL://localhost:9092
> sasl.mechanism.inter.broker.protocol=SCRAM-SHA-256
> security.inter.broker.protocol=SASL_SSL
> ssl.keystore.location=C:/apps/certs/keystore.jks
> ssl.keystore.password=sepultura1
> ssl.key.password=sepultura1
> ssl.truststore.location=C:/apps/certs/truststore.jks
> ssl.truststore.password=sepultura1
> ssl.client.auth=required
> ssl.endpoint.identification.algorithm=
>  
> I use this as kafkaserver.jaas.config:
> KafkaServer
> {    org.apache.kafka.common.security.scram.ScramLoginModule required    
> username="user"    password="sepultura1"; }
> ;
> Client
> {     org.apache.zookeeper.server.auth.DigestLoginModule required     
> username="admin"     password="kafka123"; }
> ;
>  
> But in server log I see error:
>  
> [2023-12-25 19:36:58,233] INFO [Controller id=0, targetBrokerId=0] Node 0 
> disconnected. (org.apache.kafka.clients.NetworkClient)
> [2023-12-25 19:36:58,244] ERROR [Controller id=0, targetBrokerId=0] 
> Connection to node 0 (localhost/127.0.0.1:9092) failed authentication due to: 
> Authentication failed during authentication due to invalid credentials with 
> SASL mechanism SCRAM-SHA-256 (org.apache.kafka.clients.NetworkClient)
>  
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to