Kafka SSL credentials fields
Summarize
Summarized using AI
This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.
Summary of Kafka SSL credentials fields
This guide explains the various fields available on the Kafka SSL credentials form used within ServiceNow to configure secure Kafka connections. It covers three common security protocols:SSL,SASLSSL, andSASLPLAINTEXT. Understanding these fields helps you correctly input and manage Kafka security credentials to establish encrypted and authenticated connections with your Kafka servers.
Show less
Kafka SSL Security Protocol Fields
- SSL keystore: Base64-encoded content of your server.keystore.jks file, which contains server certificates.
- SSL keystore type: Format of the keystore, defaulting to Java KeyStore (JKS).
- SSL keystore password: Password protecting the keystore, matching Apache Kafka’s ssl.keystore.password property.
- SSL key password: Password for the private key, matching Kafka’s ssl.key.password property.
- SSL truststore: Base64-encoded content of the client.truststore.jks file, containing trusted certificates.
- SSL truststore type: Format of the truststore file, default JKS.
- SSL truststore password: Password for the truststore, matching Kafka’s ssl.truststore.password property.
- SSL provider: Specifies the security provider for SSL connections.
- Disable hostname verification: Option to turn off hostname verification during SSL handshake.
- Additional Kafka consumer properties: Semicolon-separated list of extra Kafka consumer settings (e.g., ssl.protocol=TLSv1.2).
Kafka SASLSSL Security Protocol Fields
- SSL truststore, SSL truststore type, SSL truststore password, SSL provider, and Disable hostname verification: Same as SSL protocol.
- User name: Username for SASL authentication used in JAAS configuration.
- Password: Password for SASL authentication; stored encrypted and not visible.
- Additional Kafka consumer properties: Semicolon-separated string for extra consumer properties.
Kafka SASLPLAINTEXT Security Protocol Fields
- User name and Password: Credentials used for SASL authentication via JAAS, stored encrypted.
- Additional Kafka consumer properties: Optional semicolon-separated Kafka consumer settings.
Practical Application for ServiceNow Customers
By correctly filling these fields, ServiceNow customers can securely connect their Kafka consumers or producers to Kafka clusters using the appropriate security protocols. The form fields map directly to Kafka’s native SSL and SASL configurations, ensuring compatibility and security. Including additional Kafka consumer properties allows for customization of the connection according to your Kafka environment’s requirements.
Passwords are securely stored in encrypted form and are never displayed after entry, enhancing security. Disabling hostname verification is optional and should be used cautiously based on your security policies.
Description of the fields on the Kafka SSL credentials form.
| FIeld | Description |
|---|---|
| SSL keystore | The content of an actual server.keystore.jks file, encoded as a Base64 string. |
| SSL keystore type | Format of the SSL keystore file. Default: Java KeyStore (JKS). |
| SSL keystore password | Password to the keystore, identical to the value of the ssl.keystore.password property in Apache Kafka. |
| SSL key password | Password, identical to the ssl.key.password property value in Apache Kafka. |
| SSL truststore | The content of an actual client.truststore.jks file, encoded as a Base64 string. |
| SSL truststore type | Format of the truststore file. Default: Java KeyStore (JKS). |
| SSL truststore password | Password to the truststore, identical to the value of the ssl.truststore.password property in Apache Kafka. |
| SSL provider | Name of the security provider used for SSL connections. |
| Disable hostname verification | Option to disable verification of the hostname. |
| Additional Kafka consumer properties | Semicolon-separated string of additional Kafka consumer properties. For example: ssl.protocol=TLSv1.2;ssl.enabled.protocols=TLSv1.2,TLSv1.1 |
| FIeld | Description |
|---|---|
| SSL truststore | The content of an actual client.truststore.jks file, encoded as a Base64 string. |
| SSL truststore type | Format of the SSL truststore file. Default: Java KeyStore (JKS). |
| SSL truststore password | Password to the truststore, identical to the value of the ssl.truststore.password property in Apache Kafka. |
| SSL provider | Name of the security provider used for SSL connections. |
| Disable hostname verification | Option to disable verification of the hostname. |
| User name | The user name, if any, associated with this credential. Note: The specified user name is used for SASL authentication using JAAS. The
following JAAS configuration is passed to the Kafka Server:
org.apache.kafka.common.security.plain.PlainLoginModule required
username=<user_name> password=<password> |
| Password | The password associated with this credential. Note:
|
| Additional Kafka consumer properties | Semicolon-separated string of additional Kafka consumer properties. For example: ssl.protocol=TLSv1.2;ssl.enabled.protocols=TLSv1.2,TLSv1.1 |
| User name | The user name, if any, associated with this credential. Note: The specified user name is used for SASL authentication using JAAS. The
following JAAS configuration is passed to the Kafka Server:
org.apache.kafka.common.security.plain.PlainLoginModule required
username=<user_name> password=<password> |
| Password | The password associated with this credential. Note:
|
| Additional Kafka consumer properties | Semicolon-separated string of additional Kafka consumer properties. For example: ssl.protocol=TLSv1.2;ssl.enabled.protocols=TLSv1.2,TLSv1.1 |