[
https://issues.apache.org/jira/browse/KAFKA-9684?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Badai Aqrandista resolved KAFKA-9684.
-------------------------------------
Resolution: Not A Problem
Java 7 should include SNI names by default.
> Add support for SNI names in SSL request
> ----------------------------------------
>
> Key: KAFKA-9684
> URL: https://issues.apache.org/jira/browse/KAFKA-9684
> Project: Kafka
> Issue Type: Improvement
> Reporter: Badai Aqrandista
> Priority: Minor
>
> When running Kafka cluster with SSL security behind HA Proxy, we need the
> client to send SSL packets with SNI name extension [1]. This will allow HA
> Proxy to forward the request to the relevant broker behind it (passthrough).
> Java 7 and higher supports this by adding SNIHostName [2] to SSLParameters
> [3].
> [1] https://www.ietf.org/rfc/rfc6066.txt
> [2] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SNIHostName.html
> [3]
> https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLParameters.html#setServerNames-java.util.List-
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
