[ https://issues.apache.org/jira/browse/KAFKA-13247?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17453550#comment-17453550 ]

Tigran Margaryan commented on KAFKA-13247:
------------------------------------------

Hi [~dongjin] 

Thank you for looking into this issue and sorry for the late response.

Imagine the case where you own multiple services/microservices within 
one project and each of them (as a client) should connect to other 
applications/servers via Mutual TLS, e.g. Kafka Broker, another secured server, 
etc. The client's private key for Kafka cannot be used for connecting to 
other secured servers and vice versa. For this case the project's keystore 
should contain all the clients' certificates, i.e. one for connecting to Kafka, 
another one for connecting to a secured server, etc. Hence there should be a 
possibility to choose the "right" private key while establishing the connection 
to the corresponding application/server.

> Adding functionality for loading private key entry by alias from the keystore
> -----------------------------------------------------------------------------
>
>                 Key: KAFKA-13247
>                 URL: https://issues.apache.org/jira/browse/KAFKA-13247
>             Project: Kafka
>          Issue Type: Improvement
>            Reporter: Tigran Margaryan
>            Priority: Major
>              Labels: kip-required
>
> Hello team,
> While configuring SSL for Kafka connectivity, I found out that there is no 
> possibility to choose/load the private key entry by alias from the keystore 
> defined via 
> org.apache.kafka.common.config.SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG. It 
> turns out that the keystore could not have multiple private key entries.
> I kindly ask you to add that config (something like SSL_KEY_ALIAS_CONFIG) into 
> SslConfigs with the corresponding functionality, which should load only the 
> private key entry by the defined alias.
>  
> Thanks in advance. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)
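
The selection by alias requested in this issue can be illustrated with plain JSSE. This is an added example, not Kafka code and not part of the original message: the class and method names are hypothetical, and it copies the one private key entry for a given alias out of a shared keystore into an in-memory keystore, so the resulting SSLContext can only present that client identity.

```java
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

// Hypothetical helper (not a Kafka class): isolates one mTLS client identity by alias.
public final class AliasKeySelector {

    /** Copies only the private key entry stored under alias into a new in-memory keystore. */
    static KeyStore singleEntryKeyStore(Path location, char[] storePassword,
                                        char[] keyPassword, String alias) throws Exception {
        // Java 9+: detects the keystore type (JKS, PKCS12) from the file contents.
        KeyStore source = KeyStore.getInstance(location.toFile(), storePassword);

        // Fail closed: a missing alias or a trusted-certificate entry must not
        // silently fall back to some other key in the shared store.
        if (!source.isKeyEntry(alias)) {
            throw new GeneralSecurityException("No key entry for alias: " + alias);
        }
        Key key = source.getKey(alias, keyPassword);
        Certificate[] chain = source.getCertificateChain(alias);
        if (!(key instanceof PrivateKey) || chain == null || chain.length == 0) {
            throw new GeneralSecurityException(
                    "Alias is not a private key with a certificate chain: " + alias);
        }

        KeyStore selected = KeyStore.getInstance("PKCS12");
        selected.load(null, null); // initialise an empty in-memory keystore
        selected.setKeyEntry(alias, key, keyPassword, chain);
        return selected;
    }

    /** Builds a client SSLContext whose key manager holds only the selected identity. */
    static SSLContext clientContext(KeyStore selected, char[] keyPassword) throws Exception {
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(selected, keyPassword);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null); // null = JVM default trust managers and RNG
        return ctx;
    }
}
```

Because the other private keys never reach the KeyManagerFactory, the key intended for one server cannot be offered to another during the TLS handshake.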
