THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Current state: Under Discussion
JIRA: Not yet
Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).
...
Proposed Change
This KIP proposes adding
...
enabling SSL support in the Jetty HTTP server. Jetty already supports SSL / TLS. So the main work in this KIP will be around enabling and configuring SSL / TLS.
Public Interfaces
Configuration of SSL / TLS for the Kafka Connect REST interface will follow the configuration for other SSL / TLS enabled server interfaces. It will be done through the properties configuration file for the distributed Kafka Connect workers. It will add following new options:
- rest.security.protocol
- rest.ssl.keystore.location
- rest.ssl.keystore.password
- rest.ssl.keystore.type
- rest.ssl.key.password
- rest.ssl.truststore.location
- rest.ssl.truststore.password
- rest.ssl.truststore.type
- rest.ssl.enabled.protocols
- rest.ssl.provider
- rest.ssl.protocol
- rest.ssl.cipher.suites
- rest.ssl.keymanager.algorithm
- rest.ssl.secure.random.implementation
- rest.ssl.trustmanager.algorithm
- rest.ssl.clientAuth
The rest.security.protocol option will support only PLAINTEXT and SSL values. PLAINTEXT will be the default value and will keep all SSL/TLS functionality disabled to keep the backwards compatibility.
Migration Plan and Compatibility
...