...
When connecting to ZooKeeper via the secure port, the client is automatically authenticated with credentials associated with the client certificate. Specifically, the connection adds auth info with the scheme “x509” and the ACL ID set to the client certificate principal name.
X509 Authentication Provider
By default, authentication is performed by the X509AuthenticationProvider, corresponding to the auth scheme “x509.” This is initialized with server certificates and trusted client certificates specified according to the following properties:
Code Block | ||||
---|---|---|---|---|
| ||||
zookeeper.ssl.keyStore.location
zookeeper.ssl.keyStore.password
zookeeper.ssl.trustStore.location
zookeeper.ssl.trustStore.password |