Kafka: accepting unauthenticated connections is insecure
Kafka serves as a block in a log shipping solution, data lake solutions, messaging and queue solutions. As such it is a vital and sensitive part of information security.
Accepting a widely unauthenticated connections can be insecure.
Problem
In server.properties, producer.properties, consumer.properties:
ssl.client.auth=requestedOr
ssl.client.auth=noneFix
In server.properties, producer.properties, consumer.properties:
ssl.client.auth=requiredSee
Updated about 2 months ago