Spring Kafka SSL setup in Spring boot application.yml
According to discussion and to enable kafka ssl configuration, first need to enable and set ssl properties in consumerFactory
@Bean
public ConsumerFactory<String, ReportingTask> consumerFactory() {
Map<String, Object> props = new HashMap<>();
props.put(ConsumerConfig.BOOTSTRAP_SERVERS_CONFIG, bootstrapServers);
props.put(ConsumerConfig.GROUP_ID_CONFIG, groupId);
props.put(ConsumerConfig.KEY_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class);
props.put(ConsumerConfig.VALUE_DESERIALIZER_CLASS_CONFIG, JsonSerializable.class);
props.put(ConsumerConfig.CLIENT_ID_CONFIG, clientId);
props.put(ConsumerConfig.ENABLE_AUTO_COMMIT_CONFIG, enableAutoCommit);
props.put(ConsumerConfig.AUTO_COMMIT_INTERVAL_MS_CONFIG, autoCommitInterval);
props.put(ConsumerConfig.SESSION_TIMEOUT_MS_CONFIG, sessionTimeout);
props.put(ConsumerConfig.MAX_POLL_RECORDS_CONFIG, maxRecords);
props.put(ConsumerConfig.AUTO_OFFSET_RESET_CONFIG, offSet);
if (sslEnabled) {
props.put("security.protocol", "SSL");
props.put("ssl.truststore.location", trustStoreLocation);
props.put("ssl.truststore.password", trustStorePassword);
props.put("ssl.key.password", keyStorePassword);
props.put("ssl.keystore.password", keyStorePassword);
props.put("ssl.keystore.location", keyStoreLocation);
}
return new DefaultKafkaConsumerFactory<>(props, new StringDeserializer(), new JsonDeserializer<>(Task.class));
}
And copy the certificates into docker container
COPY ssl/stage/* /var/lib/kafka/stage/
spring kafka ssl classpath truststore
The file is read by Kafka, not Spring.
Kafka has no knowledge of Spring's classpath resource abstraction.
I think you are mistaken about boot; it only works there if the jar is exploded; boot has this code in KafkaProperties
...
map.from(this::getTrustStoreLocation).as(this::resourceToPath)
.to(properties.in(SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG));
...
private String resourceToPath(Resource resource) {
try {
return resource.getFile().getAbsolutePath();
}
catch (IOException ex) {
throw new IllegalStateException(
"Resource '" + resource + "' must be on a file system", ex);
}
}
To use a truststore from within a jar, you would need to first copy it to a filesystem (e.g. /tmp
) before starting the application context.
Related Topics
How to Check Whether the Given Object Is Object or Array in Json String
Check If a Given Time Lies Between Two Times Regardless of Date
How a Jar File Can Read an External Properties File
How to Print Multiple Variable Lines in Java
Java: How to Print Array Without Square Brackets and Commas
How to Return a HTML Page from a Restful Controller in Spring Boot
Jackson Jsonmappingexception: Can Not Deserialize Instance
How to Hide a Request Field in Swagger API
How to Put a Scanner Input into an Array... for Example a Couple of Numbers
Java Jackson Deserialization of Nested Objects
Check Date Between Two Other Dates Spring Data Jpa
How to Replace a Placeholder in a String With a Simpledateformat Pattern
How to Import Two Classes With the Same Name in Different Packages
Missing Method Body, or Declare Abstract in Java
How to Launch Command in Batch File With Space
The Request Was Rejected Because No Multipart Boundary Was Found in Springboot