Kafka: accepting unauthenticated connections is insecure
Kafka serves as a building block in log shipping, data lake, messaging and queue solutions. As such, it is a vital and sensitive part of information security.
Widely accepting unauthenticated connections can be insecure.
Problem
In server.properties, producer.properties, consumer.properties:
ssl.client.auth=requested
Or
ssl.client.auth=none
Fix
In server.properties, producer.properties, consumer.properties:
ssl.client.auth=required
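A check for the setting above, as an added example that is not part of the original page: it parses Kafka .properties text and reports every ssl.client.auth entry whose value is not exactly required. The per-listener key form (listener.name.<listener>.ssl.client.auth), the treatment of an unset key as Kafka's default of none, and the sample inputs are assumptions added here; line continuations in .properties files are not handled.

```python
import re

# Setting named on the page; Kafka also accepts it with a per-listener prefix.
KEY = "ssl.client.auth"
LISTENER_KEY = re.compile(r"^listener\.name\.[^.]+\.ssl\.client\.auth$")

# Constructed sample inputs (not from a real deployment).
WEAK = """\
# broker TLS settings
listeners=SSL://:9093
ssl.client.auth=requested
listener.name.internal.ssl.client.auth = none
"""
FIXED = "listeners=SSL://:9093\nssl.client.auth=required\n"


def parse_properties(text):
    """Parse Java-style .properties text; a later duplicate key wins."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        # The key ends at the first '=', ':' or whitespace.
        m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)$", line)
        if m:
            props[m.group(1)] = m.group(2).strip()
    return props


def audit_client_auth(text):
    """Return (key, value, problem) for every entry that is not 'required'."""
    props = parse_properties(text)
    relevant = {k: v for k, v in props.items() if k == KEY or LISTENER_KEY.match(k)}
    if KEY not in relevant:
        # Assumption stated in the lead-in: an unset key falls back to 'none'.
        relevant[KEY] = None
    findings = []
    for key, value in sorted(relevant.items()):
        if value is None:
            findings.append((key, "<unset>", "defaults to none"))
        elif value != "required":  # strict: only the exact value passes
            findings.append((key, value, "client certificate not enforced"))
    return findings


if __name__ == "__main__":
    for finding in audit_client_auth(WEAK):
        print(*finding, sep="\t")
```

An empty result means every ssl.client.auth entry in the file is set to required.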
See