2424import io .kafbat .ui .serde .api .PropertyResolver ;
2525import io .kafbat .ui .serde .api .SchemaDescription ;
2626import io .kafbat .ui .serdes .BuiltInSerde ;
27+ import io .kafbat .ui .service .ssl .SkipSecurityProvider ;
2728import io .kafbat .ui .util .jsonschema .AvroJsonSchemaConverter ;
2829import io .kafbat .ui .util .jsonschema .ProtobufSchemaConverter ;
2930import java .net .URI ;
3435import java .util .Optional ;
3536import java .util .concurrent .Callable ;
3637import javax .annotation .Nullable ;
38+ import javax .net .ssl .TrustManagerFactory ;
3739import lombok .SneakyThrows ;
3840import org .apache .kafka .common .config .SslConfigs ;
3941
@@ -80,7 +82,8 @@ public void autoConfigure(PropertyResolver kafkaClusterProperties,
8082 kafkaClusterProperties .getProperty ("schemaRegistrySsl.keystoreLocation" , String .class ).orElse (null ),
8183 kafkaClusterProperties .getProperty ("schemaRegistrySsl.keystorePassword" , String .class ).orElse (null ),
8284 kafkaClusterProperties .getProperty ("ssl.truststoreLocation" , String .class ).orElse (null ),
83- kafkaClusterProperties .getProperty ("ssl.truststorePassword" , String .class ).orElse (null )
85+ kafkaClusterProperties .getProperty ("ssl.truststorePassword" , String .class ).orElse (null ),
86+ kafkaClusterProperties .getProperty ("ssl.verifySsl" , Boolean .class ).orElse (true )
8487 ),
8588 kafkaClusterProperties .getProperty ("schemaRegistryKeySchemaNameTemplate" , String .class ).orElse ("%s-key" ),
8689 kafkaClusterProperties .getProperty ("schemaRegistrySchemaNameTemplate" , String .class ).orElse ("%s-value" ),
@@ -106,7 +109,8 @@ public void configure(PropertyResolver serdeProperties,
106109 serdeProperties .getProperty ("keystoreLocation" , String .class ).orElse (null ),
107110 serdeProperties .getProperty ("keystorePassword" , String .class ).orElse (null ),
108111 kafkaClusterProperties .getProperty ("ssl.truststoreLocation" , String .class ).orElse (null ),
109- kafkaClusterProperties .getProperty ("ssl.truststorePassword" , String .class ).orElse (null )
112+ kafkaClusterProperties .getProperty ("ssl.truststorePassword" , String .class ).orElse (null ),
113+ kafkaClusterProperties .getProperty ("ssl.verifySsl" , Boolean .class ).orElse (true )
110114 ),
111115 serdeProperties .getProperty ("keySchemaNameTemplate" , String .class ).orElse ("%s-key" ),
112116 serdeProperties .getProperty ("schemaNameTemplate" , String .class ).orElse ("%s-value" ),
@@ -136,7 +140,9 @@ private static SchemaRegistryClient createSchemaRegistryClient(List<String> urls
136140 @ Nullable String keyStoreLocation ,
137141 @ Nullable String keyStorePassword ,
138142 @ Nullable String trustStoreLocation ,
139- @ Nullable String trustStorePassword ) {
143+ @ Nullable String trustStorePassword ,
144+ boolean verifySsl
145+ ) {
140146 Map <String , String > configs = new HashMap <>();
141147 if (username != null && password != null ) {
142148 configs .put (BASIC_AUTH_CREDENTIALS_SOURCE , "USER_INFO" );
@@ -166,6 +172,13 @@ private static SchemaRegistryClient createSchemaRegistryClient(List<String> urls
166172 keyStorePassword );
167173 }
168174
175+ if (!verifySsl ) {
176+ configs .put (
177+ SchemaRegistryClientConfig .CLIENT_NAMESPACE + SslConfigs .SSL_TRUSTMANAGER_ALGORITHM_CONFIG ,
178+ SkipSecurityProvider .NAME
179+ );
180+ }
181+
169182 return new CachedSchemaRegistryClient (
170183 urls ,
171184 1_000 ,
0 commit comments