If you are dealing with a website, you probably have heard of the SSL (secure sockets layer) certificate. For example, you are trying to access google from your computer and see a green button at the URL. You instantly know this website is secured. It means the website is SSL certified, and your communication with Google is encrypted. SSL is also called TLS (transferred layer security). It encrypts the connection between two endpoints for secure data exchange. In this video we will cover basics of Kafka SSL setup.
There are two ways of using SSL. The first one is the 1-way verification, from the browser to the webserver. The other one is the 2-way verification. It is called SSL authentication.
SSL is one of the key pillars of Kafka security. Kafka can use both ways of verification. In this video, we will learn how to make your Kafka configuration secure.
So, you have Kafka Client and Kafka Server. The first thing you need to do is kafka ssl setup. This is done via a certificate authority. There are about 20 certificate authorities on the public web, but we use private authority for Kafka. To do so, you create a KeyStore to store the certificate. Then, the KeyStore sends a request to the authority for a signed server certificate. Once the certificate is received, it is saved in KeyStore.
On the Kafka client-side, you set up Trust Store for trusting the certificate authority. With this, the Kafka client is ready to handshake with the Server. First, the client requests the server for a signed SSL certificate. The client then verifies it using the trust store. Once verified, it is a secured SSL encrypted communication