Alla Tumarkin created KAFKA-5519:
------------------------------------
Summary: Support for multiple certificates in a single keystore
Key: KAFKA-5519
URL: https://issues.apache.org/jira/browse/KAFKA-5519
Project: Kafka
Issue Type: New Feature
Components: security
Affects Versions: 0.10.2.1
Reporter: Alla Tumarkin
Background
Currently, we need to have a keystore exclusive to the component with exactly
one key in it. Looking at the JSSE Reference guide, it seems like we would need
to introduce our own KeyManager into the SSLContext which selects a
configurable key alias name.
https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/X509KeyManager.html
has methods for dealing with aliases.
The goal here to use a specific certificate (with proper ACLs set for this
client), and not just the first one that matches.
Looks like it requires a code change to the SSLChannelBuilder
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
