You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/hdinsight/kafka/apache-esp-kafka-ssl-encryption-authentication.md
+12-12Lines changed: 12 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: Set up TLS encryption for communication between Kafka clients and K
4
4
ms.service: hdinsight
5
5
ms.topic: how-to
6
6
ms.custom: hdinsightactive
7
-
ms.date: 04/08/2023
7
+
ms.date: 04/08/2024
8
8
---
9
9
10
10
# Set up TLS encryption and authentication for ESP Apache Kafka cluster in Azure HDInsight
@@ -37,10 +37,10 @@ The summary of the broker setup process is as follows:
37
37
1. Once you have all of the certificates, put the certs into the cert store.
38
38
1. Go to Ambari and change the configurations.
39
39
40
-
Use the following detailed instructions to complete the broker setup:
40
+
Use the following detailed instructions to complete the broker setup:
41
41
42
-
> [!Important]
43
-
> In the following code snippets wnX is an abbreviation for one of the three worker nodes and should be substituted with `wn0`, `wn1` or `wn2` as appropriate. `WorkerNode0_Name` and `HeadNode0_Name` should be substituted with the names of the respective machines.
42
+
> [!Important]
43
+
> In the following code snippets wnX is an abbreviation for one of the three worker nodes and should be substituted with `wn0`, `wn1` or `wn2` as appropriate. `WorkerNode0_Name` and `HeadNode0_Name` should be substituted with the names of the respective machines.
44
44
45
45
1. Perform initial setup on head node 0, which for HDInsight fills the role of the Certificate Authority (CA).
46
46
@@ -146,21 +146,21 @@ To complete the configuration modification, do the following steps:
146
146
> 1. ssl.key.password is the key set for the keystore and trust store. In this case as an example, `MyServerPassword123`
147
147
148
148
1. To Use TLS 1.3 in Kafka, add following configs to the Kafka configs in Ambari.
149
-
1. ssl.enabled.protocols=TLSv1.3
150
-
1. ssl.protocol=TLSv1.3
151
-
152
-
> [!Important]
153
-
> 1. TLS 1.3 works with HDI 5.1 kafka version only.
154
-
> 1. If you use TLS 1.3 at server side, you should use TLS 1.3 configs at client too.
149
+
1. `ssl.enabled.protocols=TLSv1.3`
150
+
1. `ssl.protocol=TLSv1.3`
155
151
152
+
> [!Important]
153
+
> 1. TLS 1.3 works with HDI 5.1 kafka version only.
154
+
> 1. If you use TLS 1.3 at server side, you should use TLS 1.3 configs at client too.
155
+
156
156
1. For HDI version 4.0 or 5.0
157
157
1. If you're setting up authentication and encryption, then the screenshot looks like
158
158
159
-
:::image type="content" source="./media/apache-esp-kafka-ssl-encryption-authentication/properties-file-authentication-as-required.png" alt-text="Screenshot showing how to edit Kafka-env template property in Ambari authentication as required." border="true":::
159
+
:::image type="content" source="./media/apache-esp-kafka-ssl-encryption-authentication/properties-file-authentication-as-required.png" alt-text="Screenshot showing how to edit Kafka-env template property in Ambari authentication as required." border="true":::
160
160
161
161
1. If you are setting up encryption only, then the screenshot looks like
162
162
163
-
:::image type="content" source="./media/apache-esp-kafka-ssl-encryption-authentication/properties-file-authentication-as-none.png" alt-text="Screenshot showing how to edit Kafka-env template property in Ambari authentication as none." border="true":::
163
+
:::image type="content" source="./media/apache-esp-kafka-ssl-encryption-authentication/properties-file-authentication-as-none.png" alt-text="Screenshot showing how to edit Kafka-env template property in Ambari authentication as none." border="true":::
Copy file name to clipboardExpand all lines: articles/hdinsight/kafka/apache-kafka-ssl-encryption-authentication.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -37,11 +37,11 @@ The summary of the broker setup process is as follows:
37
37
1. Once you have all of the certificates, put the certs into the cert store.
38
38
1. Go to Ambari and change the configurations.
39
39
40
-
Use the following detailed instructions to complete the broker setup:
41
-
42
-
> [!Important]
43
-
> In the following code snippets wnX is an abbreviation for one of the three worker nodes and should be substituted with `wn0`, `wn1` or `wn2` as appropriate. `WorkerNode0_Name` and `HeadNode0_Name` should be substituted with the names of the respective machines.
40
+
Use the following detailed instructions to complete the broker setup:
44
41
42
+
> [!Important]
43
+
> In the following code snippets wnX is an abbreviation for one of the three worker nodes and should be substituted with `wn0`, `wn1` or `wn2` as appropriate. `WorkerNode0_Name` and `HeadNode0_Name` should be substituted with the names of the respective machines.
44
+
45
45
1. Perform initial setup on head node 0, which for HDInsight fills the role of the Certificate Authority (CA).
0 commit comments