i am able to connect to localhost with port 9092 i am able to create topic, produce and consume message on localhost port 9092 but unable to configure kafka with SSL
below is my server.properties file
############################# Server Basics #############################
The id of the broker. This must be set to a unique integer for each broker.
broker.id=1
change your.host.name by your machine’s IP or hostname
security.inter.broker.protocol=SSL
ssl.client.auth=none
listeners=PLAINTEXT://0.0.0.0:9092,SSL://0.0.0.0:9093
advertised.listeners=PLAINTEXT://ka-1.kpit.com:9092,SSL://ka-1.kpit.com:9093
ssl.keystore.location=/opt/kafka/ssl/kafka01.keystore.jks
ssl.keystore.password=serversecret
ssl.key.password=serversecret
ssl.truststore.location=/opt/kafka/ssl/kafka.truststore.jks
ssl.truststore.password=serversecret
Switch to enable topic deletion or not, default value is false
delete.topic.enable=true
############################# Log Basics #############################
A comma seperated list of directories under which to store log files
log.dirs=/data/kafka
The default number of log partitions per topic. More partitions allow greater
parallelism for consumption, but this will also result in more files across
the brokers.
num.partitions=8
we will have 3 brokers so the default replication factor should be 2 or 3
default.replication.factor=1
number of ISR to have in order to minimize data loss
min.insync.replicas=1
############################# Log Retention Policy #############################
The minimum age of a log file to be eligible for deletion due to age
this will delete data after a week
log.retention.hours=168
The maximum size of a log segment file. When this size is reached a new log segment will be created.
log.segment.bytes=1073741824
The interval at which log segments are checked to see if they can be deleted according
to the retention policies
log.retention.check.interval.ms=300000
############################# Zookeeper #############################
Zookeeper connection string (see zookeeper docs for details).
This is a comma separated host:port pairs, each corresponding to a zk
server. e.g. “127.0.0.1:3000,127.0.0.1:3001,127.0.0.1:3002”.
You can also append an optional chroot string to the urls to specify the
root directory for all kafka znodes.
zookeeper.connect=10.52.55.13:2181/kafka
Timeout in ms for connecting to zookeeper
zookeeper.connection.timeout.ms=6000
############################## Other ##################################
I recommend you set this to false in production.
We’ll keep it as true for the course
auto.create.topics.enable=true
############################# Internal Topic Settings #############################
The replication factor for the group metadata internal topics “__consumer_offsets” and
#“__transaction_state”
For anything other than development testing, a value greater than 1 is recommended to ensure availability such as 3.
offsets.topic.replication.factor=1
transaction.state.log.replication.factor=1
transaction.state.log.min.isr=1
i am getting below error after i have installed certificate
CONNECTED(00000003)
140388152005952:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:…/ssl/record/ssl3_record.c:331:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 5 bytes and written 210 bytes
Verification: OK
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1678897895
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no