[ https://issues.apache.org/jira/browse/KAFKA-12628?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
raphael auv updated KAFKA-12628: -------------------------------- Description: *SslChannelBuilder reconfigure is never call ->* [https://github.com/apache/kafka/blob/fe1804370680b965a68fdd2978e2afa450daafe4/clients/src/main/java/org/apache/kafka/common/network/SslChannelBuilder.java#L91] That mean that the SSL context ( keystore file or trustore file changes ) is never re-evaluate at run time of the consumer or producers. So the code checking if there is a new SSL context is never call [https://github.com/apache/kafka/blob/fe1804370680b965a68fdd2978e2afa450daafe4/clients/src/main/java/org/apache/kafka/common/security/ssl/SslFactory.java#L121] how to reproduce: delete or edit the keystore , consumer or producer do not detect the change. was: *SslChannelBuilder reconfigure is never call ->* [https://github.com/apache/kafka/blob/fe1804370680b965a68fdd2978e2afa450daafe4/clients/src/main/java/org/apache/kafka/common/network/SslChannelBuilder.java#L91] That mean that the SSL context ( keystore file or trustore file changes ) is never re-evaluate at run time of the consumer or producers. So the code checking if there is a new SSL context is never call [https://github.com/apache/kafka/blob/fe1804370680b965a68fdd2978e2afa450daafe4/clients/src/main/java/org/apache/kafka/common/security/ssl/SslFactory.java#L121] > SSL context is never re-evaluate by consumer or producer > -------------------------------------------------------- > > Key: KAFKA-12628 > URL: https://issues.apache.org/jira/browse/KAFKA-12628 > Project: Kafka > Issue Type: Improvement > Affects Versions: 2.7.0 > Reporter: raphael auv > Priority: Major > > *SslChannelBuilder reconfigure is never call ->* > [https://github.com/apache/kafka/blob/fe1804370680b965a68fdd2978e2afa450daafe4/clients/src/main/java/org/apache/kafka/common/network/SslChannelBuilder.java#L91] > That mean that the SSL context ( keystore file or trustore file changes ) is > never re-evaluate at run time of the consumer or producers. > So the code checking if there is a new SSL context is never call > [https://github.com/apache/kafka/blob/fe1804370680b965a68fdd2978e2afa450daafe4/clients/src/main/java/org/apache/kafka/common/security/ssl/SslFactory.java#L121] > > > how to reproduce: > delete or edit the keystore , consumer or producer do not detect the change. -- This message was sent by Atlassian Jira (v8.3.4#803005)