Kafka: accepting unauthenticated connections is insecure

Kafka serves as a building block in log shipping, data lake, messaging and queue solutions. As such, it is a vital and sensitive part of information security.

Widely accepting unauthenticated connections can be insecure.

Problem

In server.properties, producer.properties, consumer.properties:

ssl.client.auth=requested

Or

ssl.client.auth=none

Fix

In server.properties, producer.properties, consumer.properties:

ssl.client.auth=required
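
One way to check a properties file for this setting, as an added example that is not part of the original rule or of Kafka itself. It evaluates the effective value (the last assignment wins, as in Java properties files) and treats a missing key as a finding because Kafka's default is none; the function name, the sample files and the handling of listener-prefixed keys are assumptions made for illustration.

```python
import re

KEY = "ssl.client.auth"

def find_weak_client_auth(text):
    """Return sorted (line_no, key, value) for settings that admit unauthenticated clients."""
    effective = {}  # key -> (line_no, value); a later assignment overrides an earlier one
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue  # blank line or comment: a commented-out "required" does not count
        parts = re.split(r"\s*[=:]\s*", line, maxsplit=1)
        if len(parts) != 2:
            continue
        key, value = parts[0], parts[1].strip()
        # Assumption: listener-prefixed overrides such as
        # listener.name.<name>.ssl.client.auth are judged the same way.
        if key == KEY or key.endswith("." + KEY):
            effective[key] = (line_no, value)

    findings = [(n, k, v) for k, (n, v) in effective.items()
                if v.lower() != "required"]
    if KEY not in effective:
        # Not set at all: Kafka falls back to its default, none.
        findings.append((0, KEY, "<unset>"))
    return sorted(findings)

# Constructed sample: "required" is set, then overridden further down the file.
SAMPLE_WEAK = (
    "listeners=SSL://0.0.0.0:9093\n"
    "ssl.client.auth=required\n"
    "# ssl.client.auth=required\n"
    "ssl.client.auth = requested\n"
)

# Constructed sample: the fixed configuration.
SAMPLE_FIXED = (
    "listeners=SSL://0.0.0.0:9093\n"
    "ssl.client.auth=required\n"
)

if __name__ == "__main__":
    for name, text in (("weak", SAMPLE_WEAK), ("fixed", SAMPLE_FIXED)):
        print(name, find_weak_client_auth(text))
```

A plain text search for "required" would pass the first sample; comparing the effective value is what catches the later override.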

See