我尝试使用kafka-console-producer.sh发送消息时出错:
client-ssl.properties:
security.protocol=SSL
ssl.truststore.location=client.truststore.jks
ssl.truststore.password=klux$Ipzx*
ssl.enabled.protocols=TLSv1.2
kafka server.properties:
ssl.keystore.location=***/server.keystore.jks
ssl.keystore.password=***
ssl.key.password=***
ssl.truststore.location=***/server.truststore.jks
ssl.truststore.password=***
ssl.enabled.protocols=TLSv1.2
ssl.client.auth=required
security.inter.broker.protocol=SSL
命令: openssl s_client -debug -CAfile ca-cert -connect localhost:9093 -tls1_2 给出正确的响应:
...
Acceptable client certificate CA names
/C=FR/ST=France/L=Nantes/O=sower.org/OU=sower.org/CN=sower.org
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: ECDSA+SHA512:RSA+SHA512:ECDSA+SHA384:RSA+SHA384:ECDSA+SHA256:RSA+SHA256:DSA+SHA256:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
Shared Requested Signature Algorithm