kafka-avro-console-consumer:指定架构注册表的信任库位置
kafka-avro-console-consumer: Specify truststore location for schema-registry
我正在使用融合的 kafka-avro-console-consumer,如下所示
/kafka-avro-console-consumer --bootstrap-server <brokers> --topic Topic-out --property schema.registry.url=https://schemaregistry:443/ --consumer.config client-sasl-ssl.properties --from-beginning
它无法连接到架构注册表,出现以下错误,
org.apache.kafka.common.errors.SerializationException: Error deserializing Avro message for id 45
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
这意味着我需要在 java 路径中指定信任库位置,例如(我已经为自定义 java 代码完成了它并且有效)
Djavax.net.ssl.trustStore=truststore.jks -Djavax.net.ssl.trustStoreType=jks --Djavax.net.ssl.trustStorePassword=pass
问题是在 运行 kafka-avro-console-consumer 命令时我在哪里指定上述参数。
试试这个
export SCHEMA_REGISTRY_OPTS="-Djavax.net.ssl.trustStore=/tools/confluent-5.3.0/bin/kafka.client.truststore.jks -Djavax.net.ssl.trustStoreType=jks -Djavax.net.ssl.trustStore密码=通过
将以下内容添加到 client-sasl-ssl.properties 应该可以解决问题:
schema.registry.ssl.truststore.location=TRUSTSTORE_LOCATION
schema.registry.ssl.truststore.password=TRUSTSTORE_PASSWORD
我正在使用融合的 kafka-avro-console-consumer,如下所示
/kafka-avro-console-consumer --bootstrap-server <brokers> --topic Topic-out --property schema.registry.url=https://schemaregistry:443/ --consumer.config client-sasl-ssl.properties --from-beginning
它无法连接到架构注册表,出现以下错误,
org.apache.kafka.common.errors.SerializationException: Error deserializing Avro message for id 45
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
这意味着我需要在 java 路径中指定信任库位置,例如(我已经为自定义 java 代码完成了它并且有效)
Djavax.net.ssl.trustStore=truststore.jks -Djavax.net.ssl.trustStoreType=jks --Djavax.net.ssl.trustStorePassword=pass
问题是在 运行 kafka-avro-console-consumer 命令时我在哪里指定上述参数。
试试这个
export SCHEMA_REGISTRY_OPTS="-Djavax.net.ssl.trustStore=/tools/confluent-5.3.0/bin/kafka.client.truststore.jks -Djavax.net.ssl.trustStoreType=jks -Djavax.net.ssl.trustStore密码=通过
将以下内容添加到 client-sasl-ssl.properties 应该可以解决问题:
schema.registry.ssl.truststore.location=TRUSTSTORE_LOCATION
schema.registry.ssl.truststore.password=TRUSTSTORE_PASSWORD