[
https://issues.apache.org/jira/browse/KAFKA-4413?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15674795#comment-15674795
]
Rajini Sivaram commented on KAFKA-4413:
---------------------------------------
Truststore is an optional config. If you don't specify a value, the default
truststore (cacerts) is used. Did you run into any issues when truststore was
not configured for producer or consumer?
> Kakfa should support default SSLContext
> ---------------------------------------
>
> Key: KAFKA-4413
> URL: https://issues.apache.org/jira/browse/KAFKA-4413
> Project: Kafka
> Issue Type: Improvement
> Components: security
> Affects Versions: 0.10.0.1
> Environment: All
> Reporter: Wenjie Zhang
> Labels: SSLContext, SslFactory, https, ssl
>
> Currently, to enable SSL in either consumer or producer, we have to provide
> trustStore file and password. Ideally, if the Kafka server configured with CA
> signed certificate, since JRE includes certain CA ROOT certs inside
> "cacerts", Kafka should support SSL without any trustStore file, basically,
> we should update
> `org.apache.kafka.common.security.ssl.SslFactory.createSSLContext` to use
> `SSLContext.getDefault()` when trustStore file is not needed, not sure if
> there is any other places needs to be updated for this enhancement
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
