Skip to content

Implement a mechanism to skip SSL verification for kafka-connect #268

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
4 tasks done
fallen-up opened this issue Apr 4, 2024 · 1 comment
Closed
4 tasks done

Implement a mechanism to skip SSL verification for kafka-connect #268

fallen-up opened this issue Apr 4, 2024 · 1 comment
Labels
status/duplicate This issue or pull request already exists status/triage/completed Automatic triage completed type/bug Something isn't working

Comments

@fallen-up
Copy link

Issue submitter TODO list

  • I've looked up my issue in FAQ
  • I've searched for an already existing issues here
  • I've tried running main-labeled docker image and the issue still persists there
  • I'm running a supported version of the application which is listed here

Describe the bug (actual behavior)

kafka-connects published via https with a self-signed certificate (without any authentication) don't work.

2024-04-04 22:22:16,230 WARN  [reactor-http-epoll-1] r.n.h.c.HttpClientConnect: [db222941, L:/10.42.43.124:51816 ! R:demo.kafka-connect.test.env/10.130.7.179:443] The connection observed an error
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:499)
	at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)

it's works without any problems at version 0.7.1 + fix-issue-4082

maybe there's a relationship to these tasks.
provectus/kafka-ui#4082
provectus/kafka-ui#4083

Expected behavior

No response

Your installation details

1.0.0

    KAFKA_CLUSTERS_0_NAME: "demo-test-env"
    KAFKA_CLUSTERS_0_READONLY: "false"
    KAFKA_CLUSTERS_0_SSL_VERIFYSSL: "false"
    KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS: "demo-01.test.env:9093,demo-02.test.env:9093,demo-03.test.env:9093,demo-04.test.env:9093,demo-05.test.env:9093"
    KAFKA_CLUSTERS_0_PROPERTIES_SECURITY_PROTOCOL: "SSL"
    KAFKA_CLUSTERS_0_PROPERTIES_SSL_KEYSTORE_LOCATION: "/ssl/demo-test-env/user.p12"
    KAFKA_CLUSTERS_0_SSL_TRUSTSTORELOCATION: "/ssl/demo-test-env/ca.p12"
    KAFKA_CLUSTERS_0_PROPERTIES_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: "https"
    KAFKA_CLUSTERS_0_KAFKACONNECT_0_NAME: "demo.kafka-connect.test.env"
    KAFKA_CLUSTERS_0_KAFKACONNECT_0_ADDRESS: "https://demo.kafka-connect.test.env"

Steps to reproduce

connect to kafka-connect via https&self-signed certificate

Screenshots

No response

Logs

No response

Additional context

No response
@fallen-up fallen-up added status/triage Issues pending maintainers triage type/bug Something isn't working labels Apr 4, 2024
@kapybro kapybro bot added status/triage/manual Manual triage in progress status/triage/completed Automatic triage completed and removed status/triage Issues pending maintainers triage labels Apr 4, 2024
@Haarolean Haarolean self-assigned this Apr 19, 2024
@Haarolean Haarolean mentioned this issue Apr 19, 2024
Closed
@Haarolean Haarolean removed their assignment Apr 19, 2024
@Haarolean Haarolean added status/duplicate This issue or pull request already exists and removed status/triage/manual Manual triage in progress labels Apr 19, 2024
@Haarolean
Copy link
Member

A duplicate of #53

@Haarolean Haarolean closed this as not planned Won't fix, can't repro, duplicate, stale Apr 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status/duplicate This issue or pull request already exists status/triage/completed Automatic triage completed type/bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Haarolean @fallen-up