Skip to content

Implement a mechanism to skip SSL verification for kafka-connect #268

New issue
New issue
Closed as not planned
Closed as not planned
Implement a mechanism to skip SSL verification for kafka-connect#268
Labels
status/duplicateThis issue or pull request already existsstatus/triage/completedAutomatic triage completedtype/bugSomething isn't working
@fallen-up

Description

@fallen-up
fallen-up
opened on Apr 4, 2024

Issue submitter TODO list

  • I've looked up my issue in FAQ
  • I've searched for an already existing issues here
  • I've tried running main-labeled docker image and the issue still persists there
  • I'm running a supported version of the application which is listed here

Describe the bug (actual behavior)

kafka-connects published via https with a self-signed certificate (without any authentication) don't work.

2024-04-04 22:22:16,230 WARN  [reactor-http-epoll-1] r.n.h.c.HttpClientConnect: [db222941, L:/10.42.43.124:51816 ! R:demo.kafka-connect.test.env/10.130.7.179:443] The connection observed an error
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:499)
	at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)

it's works without any problems at version 0.7.1 + fix-issue-4082

maybe there's a relationship to these tasks.
provectus/kafka-ui#4082
provectus/kafka-ui#4083

Expected behavior

No response

Your installation details

1.0.0

    KAFKA_CLUSTERS_0_NAME: "demo-test-env"
    KAFKA_CLUSTERS_0_READONLY: "false"
    KAFKA_CLUSTERS_0_SSL_VERIFYSSL: "false"
    KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS: "demo-01.test.env:9093,demo-02.test.env:9093,demo-03.test.env:9093,demo-04.test.env:9093,demo-05.test.env:9093"
    KAFKA_CLUSTERS_0_PROPERTIES_SECURITY_PROTOCOL: "SSL"
    KAFKA_CLUSTERS_0_PROPERTIES_SSL_KEYSTORE_LOCATION: "/ssl/demo-test-env/user.p12"
    KAFKA_CLUSTERS_0_SSL_TRUSTSTORELOCATION: "/ssl/demo-test-env/ca.p12"
    KAFKA_CLUSTERS_0_PROPERTIES_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: "https"
    KAFKA_CLUSTERS_0_KAFKACONNECT_0_NAME: "demo.kafka-connect.test.env"
    KAFKA_CLUSTERS_0_KAFKACONNECT_0_ADDRESS: "https://demo.kafka-connect.test.env"

Steps to reproduce

connect to kafka-connect via https&self-signed certificate

Screenshots

No response

Logs

No response

Additional context

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    status/duplicateThis issue or pull request already existsstatus/triage/completedAutomatic triage completedtype/bugSomething isn't working

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions