David Mollitor created KAFKA-10612: -------------------------------------- Summary: Log When SSL Authentication is in Unexpected State Key: KAFKA-10612 URL: https://issues.apache.org/jira/browse/KAFKA-10612 Project: Kafka Issue Type: Improvement Reporter: David Mollitor
Recently got into some deep troubleshooting of Kafka SSL client authentication. I was looking at a lot of SSL debug logging and seeing that the client was correctly passing its client credentials but the client would not authorize correctly with Apache Sentry. I finally discovered that the issue was simply that {{ssl.client.auth}} was set to {{none}}. D'oh. It would have been helpful to get some broker logging indicating that the client is doing SSL authentication but that none is required by the server. I doubt many environments would bother setting it up if it wasn't going to be used. https://kafka.apache.org/documentation/#ssl.client.auth -- This message was sent by Atlassian Jira (v8.3.4#803005)