kafka-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allen Wang (JIRA)" <j...@apache.org>
Subject [jira] [Created] (KAFKA-6329) Load trust store as a resource
Date Fri, 08 Dec 2017 01:09:00 GMT
Allen Wang created KAFKA-6329:
---------------------------------

             Summary: Load trust store as a resource
                 Key: KAFKA-6329
                 URL: https://issues.apache.org/jira/browse/KAFKA-6329
             Project: Kafka
          Issue Type: Improvement
          Components: clients
    Affects Versions: 1.0.0, 0.11.0.0, 0.10.2.0
            Reporter: Allen Wang


We would like to publish a Kafka client library with SSL enabled by default and distribute
to internal applications so that they can communicate to our brokers securely. We also need
to distribute a trust store with our internal CA cert. In our library/application ecosystem,
this is the easiest way to enable security without adding burdens to each application to deploy
a certain trust store.

However, that does not seem to be possible as Kafka client assumes that the trust store is
in a local file system and uses FileInputStream which does not work with resources.

https://github.com/apache/kafka/blob/trunk/clients/src/main/java/org/apache/kafka/common/security/ssl/SslFactory.java

Here is the actual line of code:

{code:java}
in = new FileInputStream(path);
{code}

Ideally we would also like to be able to do this as another way to load trust store:

{code:java}
in = this.getClass().getResourcesAsStream(resourcePath)
{code}






--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message