| Author |
Message
|
| IIBV10Newbie |
 Posted: Wed Jul 19, 2017 10:56 am Post subject: IIB V10 Kafka producer SSL issue |
 |
|
Newbie
Joined: 19 Jul 2017
Posts: 3
|
Hello Team,
I am trying to work with a SSL based kafka topic.
I have setup the properties on Kafka producer node and ran the below commands for setting up keystore and trustore where my kafka certificates are stored.
mqsichangeproperties TESTNODE_z0019z5 -o BrokerRegistry -n brokerKeystoreFile -v C:\Git\das_egiftcard_publisher-v1\keystores\keystore.jks
mqsichangeproperties TESTNODE_z0019z5 -o BrokerRegistry -n brokerTruststoreFile -v C:\Git\das_egiftcard_publisher-v1\keystores\trustore.jks
mqsisetdbparms TESTNODE_z0019z5 -n brokerKeystore::password -u temp -p changeit
mqsisetdbparms TESTNODE_z0019z5 -n brokerTruststore::password -u temp -p changeit
Restarted the node after these commands.
I can see error in event log after I publish
Failed to initialise Kafka output connector. Reason ''Failed to construct kafka producer''.
Initialising the Kafka output connector failed with reason ''Failed to construct kafka producer''. Possible causes are:
1) None of the Kafka servers defined in 'Bootstrap Servers' property can be contacted.
2) If using an SSL connection, the SSL configuration is incorrect.
3) If using SASL authentication, the credentials are incorrectly configured.
4) The Kafka client could not be loaded.
Verify the Kafka servers are available at tha addresses specified in the 'Bootstrap Servers' property. If connecting to Kafka using an SSL connection, verify the SSL configuration properties match those required by the Kafka server. If connecting to Kafka using an SSL connection and have configured a SSL truststore, verify the truststore contains certificates which can validate those provided by the Kafka server. Further information on the cause of the failure may be available by enabling more detailed logging from the Kafka client in the log4j properties file.
From these properties only thing I can think of is SSL properties. IS there some other command/step which is missing. |
|
| Back to top |
|
 |
| IIBV10Newbie |
| Posted: Wed Jul 19, 2017 11:46 am Post subject: |
|
|
Newbie
Joined: 19 Jul 2017
Posts: 3
|
Just an additional info.
Non SSL works and I am able to produce and consume |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Jul 19, 2017 1:19 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| IIBV10Newbie wrote: |
Just an additional info.
Non SSL works and I am able to produce and consume |
How are you talking to Kafka. Are you using the broker wide listener or the eg wide listener? 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| IIBV10Newbie |
| Posted: Thu Jul 20, 2017 4:33 am Post subject: |
|
|
Newbie
Joined: 19 Jul 2017
Posts: 3
|
I didnt get you. I have deployed producer and consumer on same EG. Ran the commands above which i feel are broker wide.
Is there some specific setting which we need to do for SSL handshake between broker and kafka? For HTPS nodes we enable the ssl connector and use almost similar commands and I tried those and it works.
New to kafka nodes so I am kind of stuck. I tried same keystore and truststore in Camel code and it works fine. So creds are fine.
Only problem I see is something missing which we need to enable before making SSL connection to kafka.
Or some limitation in developers version of V10 as I downloaded that for kafka nodes POC only. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Thu Jul 20, 2017 5:44 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
Start by seeing what Kafka is complaining about, and or logging.
It's useless doing anything with broker without knowing why Kafka won't let you connect.
_________________
chmod -R ugo-wx / |
|
| Back to top |
|
|
| aruncg |
| Posted: Tue Sep 07, 2021 1:50 am Post subject: Any solution/workaround on this Kafka producer node issue |
|
|
Novice
Joined: 08 Mar 2013
Posts: 22
|
Hi,
Did you manage to identify the root cause and fix the issue? I am also facing same issue.
Thanks in advance
CG |
|
| Back to top |
|
|
|
|
