Connecting to Kafka using SSL with Kerberos authentication
Pass the properties for SSL and Kerberos authentication.
Procedure
Add the following properties to the .properties file that is passed to the
EnableBAI.py configuration script.
- keytab
- The full path to the Kerberos keytab file.
- krb5Principal
- The Kerberos principal, for example user/host@MYREALM.
- realm
- The Kerberos REALM.
- kdc
- The host of the center for key distribution.
- kerberosServiceName
- The name of the Kerberos service used by Kafka. This name must match the principal name of the Kafka brokers.
- trustStore
- The full path to a truststore that contains your Kafka broker certificate. See Generating a keystore and truststore for the BPMN event emitter.
- trustStore.password
- The password to the truststore.
Example
type=kerberos_ssl
# Kerberos
keytab=<full path to kerberos keytab file>
krb5Principal=<kerberos principal>
realm=<kerberos REALM>
kdc=<kerberos Key Distribution Center host>
kerberosServiceName=<kerberos service name used by Kafka>
# SSL
trustStore=<full path to the previously created truststore>
trustStore.password=<trustore password>