Uploaded image for project: 'AMQ Streams'
  1. AMQ Streams
  2. ENTMQST-1217

Add PKCS12 format to KafkaUser and cluster CA certificate secrets

XMLWordPrintable

    • 0
    • 2019.13, 2019.14

      • RFE: Add JKS format to KafkaUser secrets
      • The user.key secrets are X509 format. To create a JKS keystore, the user needs to convert the secrets to PKCS12 format with openssl command(JDK keytool cannot create keystore from X509 format [1]).
      • Almost all container images don’t include openssl command, so it cannot generate JKS keystore when to start.
      • As workarounds, the user can use Init Container[2]. Or the user can execute openssl manually for each KafkaUser secrets in advance.

      [1] https://bugs.openjdk.java.net/browse/JDK-8189321
      [2] https://docs.openshift.com/container-platform/4.1/nodes/containers/nodes-containers-init.html

              ppatiern Paolo Patierno
              rhn-support-tyamashi Tomonari Yamashita
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: