[jira] [Commented] (KAFKA-6654) Customize SSLContext creation
[ https://issues.apache.org/jira/browse/KAFKA-6654?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17343635#comment-17343635 ] Maulin Vasavada commented on KAFKA-6654: [~soarez] See the above. > Customize SSLContext creation > - > > Key: KAFKA-6654 > URL: https://issues.apache.org/jira/browse/KAFKA-6654 > Project: Kafka > Issue Type: Improvement > Components: config >Affects Versions: 1.0.0 >Reporter: Robert Wruck >Priority: Major > > Currently, loading of SSL keystore and truststore always uses a > FileInputStream (SslFactory.SecurityStore) and cannot be changed to load > keystores from other locations such as the classpath, raw byte arrays etc. > Furthermore, passwords for the key stores have to be provided as plaintext > configuration properties. > Delegating the creation of an SSLContext to a customizable implementation > might solve some more issues such as KAFKA-5519, KAFKA-4933, KAFKA-4294, > KAFKA-2629 by enabling Kafka users to implement their own. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KAFKA-6654) Customize SSLContext creation
[ https://issues.apache.org/jira/browse/KAFKA-6654?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17343634#comment-17343634 ] Maulin Vasavada commented on KAFKA-6654: KIP-519 addresses this issue. > Customize SSLContext creation > - > > Key: KAFKA-6654 > URL: https://issues.apache.org/jira/browse/KAFKA-6654 > Project: Kafka > Issue Type: Improvement > Components: config >Affects Versions: 1.0.0 >Reporter: Robert Wruck >Priority: Major > > Currently, loading of SSL keystore and truststore always uses a > FileInputStream (SslFactory.SecurityStore) and cannot be changed to load > keystores from other locations such as the classpath, raw byte arrays etc. > Furthermore, passwords for the key stores have to be provided as plaintext > configuration properties. > Delegating the creation of an SSLContext to a customizable implementation > might solve some more issues such as KAFKA-5519, KAFKA-4933, KAFKA-4294, > KAFKA-2629 by enabling Kafka users to implement their own. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KAFKA-6654) Customize SSLContext creation
[ https://issues.apache.org/jira/browse/KAFKA-6654?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16878731#comment-16878731 ] Igor Soarez commented on KAFKA-6654: What's the state of this? Would you mind if I pick this up? [~clement_pelle...@ibi.com] > Customize SSLContext creation > - > > Key: KAFKA-6654 > URL: https://issues.apache.org/jira/browse/KAFKA-6654 > Project: Kafka > Issue Type: Improvement > Components: config >Affects Versions: 1.0.0 >Reporter: Robert Wruck >Priority: Major > > Currently, loading of SSL keystore and truststore always uses a > FileInputStream (SslFactory.SecurityStore) and cannot be changed to load > keystores from other locations such as the classpath, raw byte arrays etc. > Furthermore, passwords for the key stores have to be provided as plaintext > configuration properties. > Delegating the creation of an SSLContext to a customizable implementation > might solve some more issues such as KAFKA-5519, KAFKA-4933, KAFKA-4294, > KAFKA-2629 by enabling Kafka users to implement their own. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (KAFKA-6654) Customize SSLContext creation
[ https://issues.apache.org/jira/browse/KAFKA-6654?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16724988#comment-16724988 ] Clement Pellerin commented on KAFKA-6654: - KIP-383 proposes a solution for this Jira but it needs more votes. > Customize SSLContext creation > - > > Key: KAFKA-6654 > URL: https://issues.apache.org/jira/browse/KAFKA-6654 > Project: Kafka > Issue Type: Improvement > Components: config >Affects Versions: 1.0.0 >Reporter: Robert Wruck >Priority: Major > > Currently, loading of SSL keystore and truststore always uses a > FileInputStream (SslFactory.SecurityStore) and cannot be changed to load > keystores from other locations such as the classpath, raw byte arrays etc. > Furthermore, passwords for the key stores have to be provided as plaintext > configuration properties. > Delegating the creation of an SSLContext to a customizable implementation > might solve some more issues such as KAFKA-5519, KAFKA-4933, KAFKA-4294, > KAFKA-2629 by enabling Kafka users to implement their own. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
