-
Task
-
Resolution: Done
-
Major
-
None
- RFE: Add JKS format to KafkaUser secrets
- The user.key secrets are X509 format. To create a JKS keystore, the user needs to convert the secrets to PKCS12 format with openssl command(JDK keytool cannot create keystore from X509 format [1]).
- Almost all container images don’t include openssl command, so it cannot generate JKS keystore when to start.
- As workarounds, the user can use Init Container[2]. Or the user can execute openssl manually for each KafkaUser secrets in advance.
[1] https://bugs.openjdk.java.net/browse/JDK-8189321
[2] https://docs.openshift.com/container-platform/4.1/nodes/containers/nodes-containers-init.html
- clones
-
ENTMQST-1217 Add PKCS12 format to KafkaUser and cluster CA certificate secrets
- Closed
- is documented by
-
ENTMQST-1423 [DOC OCP] Add PKCS12 format to KafkaUser, cluster and clients CA certificate secrets
- Closed