David Scrève created KAFKA-20784:
------------------------------------
Summary: Change certificate management
Key: KAFKA-20784
URL: https://issues.apache.org/jira/browse/KAFKA-20784
Project: Kafka
Issue Type: Wish
Components: controller
Affects Versions: 4.3.1
Reporter: David Scrève
When using custom SSL certificate, we need to provide a Client AND Server
certificate because Kafka use it internally for communication between
Controller.
This kind of certificate is strongly discouraged and will be soon rejected by
Google and others...
Like K8S, you should use your own CA and generate your own certificates for
internal communication and use the SSL certificate only for external
communication with clients.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)