[
https://issues.apache.org/jira/browse/KAFKA-15464?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17765515#comment-17765515
]
Luke Chen commented on KAFKA-15464:
-----------------------------------
[~rsivaram] [~omkreddy], since you're the experts of this area, could you have
a look and comment on it? Thanks.
> Allow dynamic reloading of certificates with different DN / SANs
> ----------------------------------------------------------------
>
> Key: KAFKA-15464
> URL: https://issues.apache.org/jira/browse/KAFKA-15464
> Project: Kafka
> Issue Type: Improvement
> Reporter: Jakub Scholz
> Assignee: Jakub Scholz
> Priority: Major
>
> Kafka currently doesn't allow dynamic reloading of keystores when the new key
> has a different DN or removes some of the SANs. While it might help to
> prevent users from breaking their cluster, in some cases it would be great to
> be able to bypass this validation when desired.
> More details are in the [KIP-978: Allow dynamic reloading of certificates
> with different DN /
> SANs|https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=263429128]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
