Re: Kafka 2 way authentication not working

2021-06-04 Thread Anjali Sharma
Thanks for the help, can we please confirm once whether we can dynamically update this or not? On Fri, Jun 4, 2021, 14:05 Ran Lupovich wrote: > What do you mean if you can? > It is supported option. > You can set it up - but seems to do it dynamically update is not yet > implemented - but I'll

Re: Kafka 2 way authentication not working

2021-06-04 Thread Ran Lupovich
What do you mean if you can? It is supported option. You can set it up - but seems to do it dynamically update is not yet implemented - but I'll have to look into the kafka code - not going to that at the moment. בתאריך יום ו׳, 4 ביוני 2021, 11:27, מאת Anjali Sharma ‏<

Re: Kafka 2 way authentication not working

2021-06-04 Thread Anjali Sharma
But according to the documentation provided by you we can configure SSL.client.auth right?? Config options: Listener Configs listeners advertised.listeners listener.security.protocol.map Common security config principal.builder.class SSL Configs ssl.protocol ssl.provider ssl.cipher.suites

Re: Kafka 2 way authentication not working

2021-06-04 Thread Ran Lupovich
All the security configs can be dynamically configured for new listeners. In the initial implementation, only some configs will be dynamically updatable for existing listeners (e.g. SSL keystores). Support for updating other security configs dynamically for existing listeners will be added later

Re: Kafka 2 way authentication not working

2021-06-04 Thread Ran Lupovich
Thanks for checking... is there a way for you to check if this behavior is for "already connected clients" and what check only what happens to "new connections" בתאריך יום ו׳, 4 ביוני 2021, 10:47, מאת Anjali Sharma ‏< sharma.anjali.2...@gmail.com>: > Neither listener specific nor ssl.client.auth

Re: Kafka 2 way authentication not working

2021-06-04 Thread Anjali Sharma
Neither listener specific nor ssl.client.auth is working dynamically On Fri, Jun 4, 2021, 13:04 Ran Lupovich wrote: > And not* to specific listener > > בתאריך יום ו׳, 4 ביוני 2021, 10:30, מאת Ran Lupovich ‏< > ranlupov...@gmail.com > >: > > > According to documentation it is dynamic and should

Re: Kafka 2 way authentication not working

2021-06-04 Thread Ran Lupovich
And not* to specific listener בתאריך יום ו׳, 4 ביוני 2021, 10:30, מאת Ran Lupovich ‏: > According to documentation it is dynamic and should work, though it is > "general" ssl.auth of the entire broker setting and to specific listener as > you are trying out , but the logic says it should work

Re: Kafka 2 way authentication not working

2021-06-04 Thread Ran Lupovich
According to documentation it is dynamic and should work, though it is "general" ssl.auth of the entire broker setting and to specific listener as you are trying out , but the logic says it should work the same... besides that I do not have anything smart to suggest, the only understanding we need

Re: Kafka 2 way authentication not working

2021-06-04 Thread Anjali Sharma
Yes restarting the Kafka solves the problem but as it is dynamic there is no need to restart the Kafka right? On Fri, Jun 4, 2021, 12:13 Ran Lupovich wrote: > Restarting the broker solves the problem? Do your clients fully disconnect > and reconnect? > > בתאריך יום ו׳, 4 ביוני 2021, 09:24, מאת

Re: Kafka 2 way authentication not working

2021-06-04 Thread Ran Lupovich
Restarting the broker solves the problem? Do your clients fully disconnect and reconnect? בתאריך יום ו׳, 4 ביוני 2021, 09:24, מאת Anjali Sharma ‏< sharma.anjali.2...@gmail.com>: > Hi Ran, > > Thank you so much for the help, but had already gone through the > documentation, but despite doing the

Re: Kafka 2 way authentication not working

2021-06-04 Thread Anjali Sharma
Hi Ran, Thank you so much for the help, but had already gone through the documentation, but despite doing the same thing it is not working , we are not getting any client certificate request as such , is there anything that I am missing in the executing the command or we need to restart the

Re: Kafka 2 way authentication not working

2021-06-03 Thread Ran Lupovich
Adding this information that supports your assumptions that it should be dynamically supportedNotice the update mode - Dynamic Update Mode option in Broker Configurations for the update

Kafka 2 way authentication not working

2021-06-03 Thread Anjali Sharma
Dear All, When trying to configure mtls without restarting the brokers it is not working. For mutualTLS "ssl.client.auth" should be set to "required". So, if we are trying to do the dynamic update using the below command *sh /opt/kafka/bin/kafka-configs.sh --bootstrap-server localhost:28104