Kafka: using dated SSL/TLS protocols is insecure
Kafka serves as a block in a log shipping solution, data lake solutions, messaging and queue solutions. As such it is a vital and sensitive part of information security.
Using a dated SSL protocol is not recommended. It is recommended to use TLS 1.2 and up.
Problem
In server.properties, producer.properties, consumer.properties:
ssl.client.auth=TLSv1.1|TLSv1|or others
Fix
In server.properties, producer.properties, consumer.properties:
ssl.client.auth=TLSv1.3
See
Updated 8 months ago