我试图用Java中的SASL连接到Kafka服务器,但它不起作用。我没有托管服务器,以下是我唯一的凭据:
- KAFKA_BROKER URL / PORT
- KAFKA_SCHEMA_REGISTRY
- KAFKA_USER
- KAFKA_PASSWORD
- KAFKA_TOPIC_NAME
- The Kafka certificate (ca.pem)
我能够像这样用Python连接到服务器:
'bootstrap.servers': 'kafka-************.com:****',
'ssl.ca.location':'/home/******/Downloads/ca.pem',
'security.protocol':'sasl_ssl',
'group.id': '*****',
'sasl.mechanism':'SCRAM-SHA-256',
'sasl.username':'******',
'sasl.password':'******'
这很好,问题是"ssl.ca.location"参数在Java中不可用,我看到人们正在使用KeyStore/TrustStore信息,但我没有这些信息。
你知道我如何使用Java提供证书信息吗?
Here is my actual Java code:
Properties properties = new Properties();
properties.put(ConsumerConfig.BOOTSTRAP_SERVERS_CONFIG, "kafka-*********.com:****");
properties.put(ConsumerConfig.KEY_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class);
properties.put(ConsumerConfig.VALUE_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class);
properties.put(ConsumerConfig.GROUP_ID_CONFIG, "*****");
properties.put(ConsumerConfig.AUTO_OFFSET_RESET_CONFIG, "earliest");
properties.put("security.protocol","SASL_SSL");
properties.put("sasl.mechanism","SCRAM-SHA-256");
properties.put("sasl.jaas.config","org.apache.kafka.common.security.scram.ScramLoginModule required username="******" password="********";");
System.out.println("conf== " + properties.get("sasl.jaas.config"));
properties.put(ConsumerConfig.ENABLE_AUTO_COMMIT_CONFIG, true);
Consumer<String, String> consumer = new KafkaConsumer<>(properties);
这就是我得到的错误:
(sun.security.validator.ValidatorException) PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
这是我的解决方案(对不起,我不是卡夫卡专家(。多亏了证书文件,我生成了一个Truststore文件(而不是密钥库,我仍然不清楚它们之间的区别(。以下是我为使我工作而添加的参数:
properties.put("ssl.endpoint.identification.algorithm",""); properties.put("ssl.truststore.location","C:\Users\**\Downloads\keystore.jks");
properties.put("ssl.truststore.password","****");
谢谢大家:(