Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/python/304.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
卡夫卡python SASL/SCRAM-SHA-256认证_Python_Ssl_Apache Kafka_Kafka Python - Fatal编程技术网
Fatal编程技术网
  • python/
  • 卡夫卡python SASL/SCRAM-SHA-256认证

卡夫卡python SASL/SCRAM-SHA-256认证

python ssl apache-kafka

卡夫卡python SASL/SCRAM-SHA-256认证,python,ssl,apache-kafka,kafka-python,Python,Ssl,Apache Kafka,Kafka Python,我需要使用SASL/SCRAM-SHA-256身份验证连接到python中的Kafka代理。 我使用kafka python(2.0.1)python库,它允许这种连接/身份验证 这是一个例子的代码,但我得到的错误。。。没有经纪人 prod = KafkaProducer(bootstrap_servers='server:9093', security_protocol='SASL_SSL', ssl_cert

我需要使用SASL/SCRAM-SHA-256身份验证连接到python中的Kafka代理。 我使用kafka python(2.0.1)python库,它允许这种连接/身份验证

这是一个例子的代码,但我得到的错误。。。没有经纪人

prod = KafkaProducer(bootstrap_servers='server:9093',
                     security_protocol='SASL_SSL',
                     ssl_certfile='path to ca in pem format',
                     sasl_mechanism='SCRAM-SHA-256',
                     sasl_plain_username='xxx',
                     sasl_plain_password='xxx')
获取以下错误

    ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)
20-04-06 09:58:52 - root - 1 - 140658864072256 - MainThread - ERROR - Error in connection to kafka
Traceback (most recent call last):
  File "/*****/*****/dao/kafka_dao.py", line 44, in __init__
    **self.consumer_additional_params)
  File "/opt/app-root/lib/python3.6/site-packages/kafka/consumer/group.py", line 355, in __init__
    self._client = KafkaClient(metrics=self._metrics, **self.config)
  File "/opt/app-root/lib/python3.6/site-packages/kafka/client_async.py", line 242, in __init__
    self.config['api_version'] = self.check_version(timeout=check_timeout)
  File "/opt/app-root/lib/python3.6/site-packages/kafka/client_async.py", line 907, in check_version
    version = conn.check_version(timeout=remaining, strict=strict, topics=list(self.config['bootstrap_topics_filter']))
  File "/opt/app-root/lib/python3.6/site-packages/kafka/conn.py", line 1228, in check_version
    if not self.connect_blocking(timeout_at - time.time()):
  File "/opt/app-root/lib/python3.6/site-packages/kafka/conn.py", line 337, in connect_blocking
    self.connect()
  File "/opt/app-root/lib/python3.6/site-packages/kafka/conn.py", line 426, in connect
    if self._try_handshake():
  File "/opt/app-root/lib/python3.6/site-packages/kafka/conn.py", line 505, in _try_handshake
    self._sock.do_handshake()
  File "/usr/lib64/python3.6/ssl.py", line 1033, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib64/python3.6/ssl.py", line 645, in do_handshake
    self._sslobj.do_handshake()
我哪里做错了???

除非你想猜测一百万次,否则请提供制作人和经纪人日志。添加了ok日志!!!!所以“证书验证失败”基本上是指您的客户端在尝试建立SSL连接时无法验证服务器证书。您可能需要更新客户端的
信任库
。另一个选项是禁用证书验证,但这不是一个安全的解决方案。我认为有很多关于这些主题的帖子。你说的“更新客户的信任库”是什么意思?不管怎样,ssl\u certfile和ssl\u cafile字段之间有什么区别?从文件上看,它们似乎很相似。。。我在大多数StackOverflow线程中看到人们同时使用这两个字段。他们从jks生成CAroot.pem和certificate.pem…如果我已经有了certificate.pem怎么办?除非你想进行一百万次猜测,请提供制作人和经纪人日志。添加了ok日志!!!!所以“证书验证失败”基本上是指您的客户端在尝试建立SSL连接时无法验证服务器证书。您可能需要更新客户端的
信任库
。另一个选项是禁用证书验证,但这不是一个安全的解决方案。我认为有很多关于这些主题的帖子。你说的“更新客户的信任库”是什么意思?不管怎样,ssl\u certfile和ssl\u cafile字段之间有什么区别?从文件上看,它们似乎很相似。。。我在大多数StackOverflow线程中看到人们同时使用这两个字段。他们从jks生成CAroot.pem和certificate.pem…如果我已经有certificate.pem呢?