[ https://issues.apache.org/jira/browse/KAFKA-8669?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Manikumar resolved KAFKA-8669. ------------------------------ Fix Version/s: 2.4.0 Assignee: Sai Sandeep Resolution: Fixed Fixed in https://github.com/apache/kafka/pull/7090 > Add java security providers in Kafka Security config > ---------------------------------------------------- > > Key: KAFKA-8669 > URL: https://issues.apache.org/jira/browse/KAFKA-8669 > Project: Kafka > Issue Type: Improvement > Reporter: Sai Sandeep > Assignee: Sai Sandeep > Priority: Minor > Fix For: 2.4.0 > > > Currently kafka supports ssl.keymanager.algorithm and > ssl.trustmanager.algorithm parameters as part of secure config. These > parameters can be configured to load the key manager and trust managers which > provide keys and certificates for ssl handshakes with the clients/server. The > algorithms configured by parameters need to be registered by Java security > provider classes. These provider classes are configured as JVM properties > through java.security file. An example file given below > {code:java} > $ cat /usr/lib/jvm/jdk-8-oracle-x64/jre/lib/security/java.security > ... > security.provider.1=sun.security.provider.Sun > security.provider.2=sun.security.rsa.SunRsaSign > security.provider.3=sun.security.ec.SunEC > … > {code} > Custom keymanager and trustmanager algorithms can be used to supply the kafka > brokers with keys and certificates, these algorithms can be used to replace > the traditional, non-scalable static keystore and truststore jks files. > To take advantage of these custom algorithms, we want to support java > security provider parameter in security config. This param can be used by > kafka brokers or kafka clients(when connecting to the kafka brokers). The > security providers can also be used for configuring security in SASL based > communication too. > -- This message was sent by Atlassian Jira (v8.3.4#803005)