[ https://issues.apache.org/jira/browse/KAFKA-4413?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15674795#comment-15674795 ]
Rajini Sivaram commented on KAFKA-4413: --------------------------------------- Truststore is an optional config. If you don't specify a value, the default truststore (cacerts) is used. Did you run into any issues when truststore was not configured for producer or consumer? > Kakfa should support default SSLContext > --------------------------------------- > > Key: KAFKA-4413 > URL: https://issues.apache.org/jira/browse/KAFKA-4413 > Project: Kafka > Issue Type: Improvement > Components: security > Affects Versions: 0.10.0.1 > Environment: All > Reporter: Wenjie Zhang > Labels: SSLContext, SslFactory, https, ssl > > Currently, to enable SSL in either consumer or producer, we have to provide > trustStore file and password. Ideally, if the Kafka server configured with CA > signed certificate, since JRE includes certain CA ROOT certs inside > "cacerts", Kafka should support SSL without any trustStore file, basically, > we should update > `org.apache.kafka.common.security.ssl.SslFactory.createSSLContext` to use > `SSLContext.getDefault()` when trustStore file is not needed, not sure if > there is any other places needs to be updated for this enhancement -- This message was sent by Atlassian JIRA (v6.3.4#6332)