Question

我在从客户端进行生产时收到以下警告，该客户端连接到包含基于SSL的身份验证的服务器端：

[2016-03-10 07:09:13,018] WARN The configuration ssl.keystore.location = /etc/pki/tls/certs/keystore-hpfs.jks was supplied but isn't a known config. (org.apache.kafka.clients.producer.ProducerConfig)
[2016-03-10 07:09:13,019] WARN The configuration ssl.keystore.password = 1qazxsw2 was supplied but isn't a known config. (org.apache.kafka.clients.producer.ProducerConfig)
[2016-03-10 07:09:13,019] WARN The configuration ssl.key.password = 1qazxsw2 was supplied but isn't a known config. (org.apache.kafka.clients.producer.ProducerConfig)
[2016-03-10 07:09:13,019] WARN The configuration ssl.truststore.type = JKS was supplied but isn't a known config. (org.apache.kafka.clients.producer.ProducerConfig)
[2016-03-10 07:09:13,019] WARN The configuration ecurity.protocol = SSL was supplied but isn't a known config. (org.apache.kafka.clients.producer.ProducerConfig)
[2016-03-10 07:09:13,019] WARN The configuration ssl.keystore.type = JKS was supplied but isn't a known config. (org.apache.kafka.clients.producer.ProducerConfig)
[2016-03-10 07:09:13,019] WARN The configuration ssl.enabled.protocols = TLSv1.2,TLSv1.1,TLSv1 was supplied but isn't a known config. (org.apache.kafka.clients.producer.ProducerConfig)

所以我无法生成任何低于错误的消息：

错误使用密钥向主题测试发送消息时出错：null，值：2个字节，错误：60000 ms后无法更新元数据。（org.apache.kafka.clients.producer.internals.ErrorLoggingCallback）

Answer 1

在server.properties中，ssl.keystore.type和ssl.truststore.type是可选属性，我可以看到ssl.truststore.location在您的配置中丢失，请确保将其添加。

listeners=PLAINTEXT://host.name:port,SSL://host.name:port

确保使用您提供的用于SSL连接的端口。

ssl.client.auth=required //for two way SSL

通过设置禁用主机名验证：

ssl.endpoint.identification.algorithm=

Answer 2

当 kafka 记录 SSL 握手错误时，我遇到了同样的问题。结果我忘记将 security.protocol=SSL 添加到我的生产者属性中。

Kafka SSL连接错误

2 个答案: