[
https://issues.apache.org/jira/browse/KAFKA-8843?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17032915#comment-17032915
]
ASF GitHub Bot commented on KAFKA-8843:
---------------------------------------
omkreddy commented on pull request #8003: KAFKA-8843: KIP-515: Zookeeper TLS
support
URL: https://github.com/apache/kafka/pull/8003
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Zookeeper migration tool support for TLS
> ----------------------------------------
>
> Key: KAFKA-8843
> URL: https://issues.apache.org/jira/browse/KAFKA-8843
> Project: Kafka
> Issue Type: Bug
> Reporter: Pere Urbon-Bayes
> Assignee: Pere Urbon-Bayes
> Priority: Minor
>
> Currently zookeeper-migration tool works based on SASL authentication. What
> means only digest and kerberos authentication is supported.
>
> With the introduction of ZK 3.5, TLS is added, including a new X509
> authentication provider.
>
> To support this great future and utilise the TLS principals, the
> zookeeper-migration-tool script should support the X509 authentication as
> well.
>
> In my newbie view, this should mean adding a new parameter to allow other
> ways of authentication around
> [https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/admin/ZkSecurityMigrator.scala#L65.
>
> |https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/admin/ZkSecurityMigrator.scala#L65]
>
> If I understand the process correct, this will require a KIP, right?
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
