Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/apache-kafka/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
使用SSL记录输出卡夫卡->;SSL握手失败_Ssl_Apache Kafka_Ssl Certificate_Logstash - Fatal编程技术网
Fatal编程技术网
  • ssl/
  • 使用SSL记录输出卡夫卡->;SSL握手失败

使用SSL记录输出卡夫卡->;SSL握手失败

ssl apache-kafka logstash

使用SSL记录输出卡夫卡->;SSL握手失败,ssl,apache-kafka,ssl-certificate,logstash,Ssl,Apache Kafka,Ssl Certificate,Logstash,我对卡夫卡和洛格斯塔什还不熟悉。 我想使用logstash作为生产者,并想使用SSL 这是我的日志 input { http { port => 5044 codec => json } } output { kafka { #bootstrap_servers => ["localhost:9093"] bootstrap_servers => ["kafka broker's IP:9093&

我对卡夫卡和洛格斯塔什还不熟悉。 我想使用logstash作为生产者,并想使用SSL

这是我的日志

input {
  http {
    port => 5044
    codec => json
  }
}

output {
  kafka {
    #bootstrap_servers => ["localhost:9093"]
    bootstrap_servers => ["kafka broker's IP:9093"]
    topic_id => "test"
    codec => "json"
    ssl_truststore_location => "/etc/logstash/conf.d/test/kafka.client.truststore.jks"
    ssl_truststore_password => "passwd"
    security_protocol => "SSL"
    #ssl_keystore_location => "/etc/logstash/conf.d/test/kafka.client.keystore.jks"
    #ssl_keystore_password => "passwd"
    #ssl_key_password => "passwd"
  }
}
这是卡夫卡服务器的属性

listeners=PLAINTEXT://:9092, SSL://kafka broker's ip:9093
advertised.listeners=PLAINTEXT://kafka broker's ip:9092,SSL://kafka broker's ip:9093
security.inter.broker.protocol=SSL

#ssl.client.auth=required

ssl.keystore.location=/etc/logstash/conf.d/test/kafka.server.keystore.jks
ssl.keystore.password=dlffpr
ssl.key.password=dlffpr
ssl.truststore.location=/etc/logstash/conf.d/test/kafka.server.truststore.jks
ssl.truststore.password=dlffpr
ssl.endpoint.identification.algorithm=
下面是我如何制作SSL密钥的。 我不确定在制作kafka.server.keystore.jks时在“CN:”中写什么。 没有域名,我只知道它的主机名(它是kafkamanager)和ip地址。 我试图添加-ext“SAN=dns:hostname,ip:kafka代理的ip”

当我启动logstash和kafka时,我得到了这样的错误。 日志存储错误

[org.apache.kafka.common.network.Selector][main] [Producer clientId=producer-1] Failed authentication with /192.168.1.6 (SSL handshake failed)
[2020-06-26T16:56:59,131][ERROR][org.apache.kafka.clients.NetworkClient][main] [Producer clientId=producer-1] Connection to node -1 (/kafka broker's ip:9093) failed authentication due to: SSL handshake failed
[2020-06-26T16:56:59,131][WARN ][org.apache.kafka.clients.NetworkClient][main] [Producer clientId=producer-1] Bootstrap broker kafka broker's ip:9093 (id: -1 rack: null) disconnected
卡夫卡错误

INFO [SocketServer brokerId=0] Failed authentication with /kafka client's ip (SSL handshake failed) (org.apache.kafka.common.network.Selector)
当我设置Kafka的服务器属性(如)并使用“CN:localhost”制作密钥时,它就可以工作了 但是logstash和kafka不在同一台机器上。请给我任何建议。谢谢

listeners=PLAINTEXT://:9092, SSL://localhost:9093
今天我们遇到了同样的问题,试图使用SASL_SSL和两个侦听器(每个侦听器具有不同的IP和DNS名称)启动kafka,我们重现了您的问题。当我们尝试启动Logstash时,不要出现以下错误:

[ERROR][org.apache.kafka.clients.NetworkClient][main] [Producer clientId=producer-1] Connection to node -1 (/kafka broker's ip:9093) failed authentication due to: SSL handshake failed
我们创建一个多域证书,然后设置选项:

ssl.keystore.location
在server.properties(kafka)中,重启服务后,logstash工作正常

ssl.keystore.location