...
The HTTPS listener (when configured in listeners
) will by default use the SSL configuration from the ssl.*
options. In case the user needs to use different SSL configuration for connecting to Kafka brokers and for the REST interface, the default settings can be overridden by using the prefix listeners.https.
- for example:listeners.https.ssl.keystore.location=/my/path/keystore.jks
The rest.advertised.host.name
and rest.advertised.port
options will continue to be used as today to specify the connection address which should be used by other workers. In addition a new option rest.advertised.security.protocol
will define whether the
This proposal doesn't include any authorization / ACL features. Only encryption and authentication. Authorization / ACLs should be subject of separate KIP in order to keep the scope of this KIP under control.
...