[ https://issues.apache.org/jira/browse/KAFKA-9684?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Badai Aqrandista resolved KAFKA-9684. ------------------------------------- Resolution: Not A Problem Java 7 should include SNI names by default. > Add support for SNI names in SSL request > ---------------------------------------- > > Key: KAFKA-9684 > URL: https://issues.apache.org/jira/browse/KAFKA-9684 > Project: Kafka > Issue Type: Improvement > Reporter: Badai Aqrandista > Priority: Minor > > When running Kafka cluster with SSL security behind HA Proxy, we need the > client to send SSL packets with SNI name extension [1]. This will allow HA > Proxy to forward the request to the relevant broker behind it (passthrough). > Java 7 and higher supports this by adding SNIHostName [2] to SSLParameters > [3]. > [1] https://www.ietf.org/rfc/rfc6066.txt > [2] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SNIHostName.html > [3] > https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLParameters.html#setServerNames-java.util.List- -- This message was sent by Atlassian Jira (v8.3.4#803005)