I am using Kafka Version 0.10.2.0. Is there a way to secure communication between Zookeper Client i.e ZkClient and zookeper server with SSL. I found some way to do through SASL but i want it through SSL.
Zookeeper 3.5 includes SSL support but it is still in alpha so Kafka doesn't yet support it. The highest supported version is 3.4 which only includes sasl.
Ref: https://issues.apache.org/jira/browse/ZOOKEEPER-1000
This task can still be achieved by a simple workaround mentioned in the steps below;
Install zookeeper-3.5.1-alpha (to use the .jar files. version 3.5+ can be used)
Replace default zookeeper*.jar with /zookeeper-3.5.1-alpha/zookeeper-3.5.1-alpha.jar in <kafka-installation-folder>\libs
Copy /zookeeper-3.5.1-alpha/lib/netty-3.7.0.Final.jar into <kafka-installation-folder>\libs
Relevant changes to enable SSL on Zookeeper (https://cwiki-test.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+SSL+User+Guide)
Related
While using https://github.com/rabbitmq/cluster-operator I have a working setup with TLS enabled for AMQP. Now I would need to enable MQTT, however I donot find any example of enabling plugins with this operator.
Can someone help with an example of enabling MQTT over RabbitMQ via the cluster operator?
As mentioned in Rabbit MQ Documentation, in order to enable mqtt plugin, we have to add the corresponding plugin name "rabbitmq_mqtt".
Has been changed the RAFT implementation on Corda Version 3 or it is similar to Version 2 and is not possible to disabled TLS v1?
We know Corda use TLS v1.2 but v1 is still active and we need to completely disabled. Is there a way to perform that ?
Thanks!!
There haven't been any changes for that in Corda 3.0, and it's slightly outside our control since it's managed by an external libary we use, Copycat.
I'm just curious why you need to completely disable it – the Raft notary is configured to use TLS v1.2, and you could firewall the Raft ports to only be accessible to cluster members.
I am trying to enable TLS for kafka broker exchanges and had a thought regarding Zookeeper TLS. Currently, on Apache Kafka Documentation I cannot see much mentioned about ZK TLS setup (ok, probably because it's a different apache project) and any possible performance impact.
The question is, can I not have the ONLY broker-client and inter-broker exchanges secured? Do I also need to add TLS to zookeeper? Extra security isn't bad, but is it really necessary to it even for zookeeper?
Zookeeper with TLS is only available in Zookeeper 3.5 which is still in beta. Therefore, Kafka isn't supporting TLS connections to zookeeper yet. Doesn't mean you can't do it but it does mean you won't find much documentation on it and if you run in it on something important, you are putting yourself at risk. In this case, I would say the extra security could hurt.
I have been tasked with integrating ActiveMQ with Weblogic (v 10.3.6.0).
I have downloaded ActiveMQ v 5.10.0, installed it upon the server and browsed to localhost:8161/admin in order to confirm that ActiveMQ is running.
I'm not sure how to progress from here in order to complete my goal. This link:
http://activemq.apache.org/weblogic-integration.html
.. suggests that there are two approaches to deploying ActiveMQ on Weblogic: either deploying a broker as an application or using a J2EE Connector. I'm investigating the latter approach as I have now installed ActiveMQ on the server (which means that I already have a running broker, I assume) but can't find much useful information on the Net about how to do this.
This page:
http://activemq.apache.org/resource-adapter.html
... suggests that it can be done via a JCA Resource Adapter but again does not give any details on how to do it.
If anyone has any advice or guidance, I'd appreciate it.
Thanks in advance.
Did you try this: http://activemq.apache.org/how-to-deploy-activemq-ra-versionrar-to-weblogic.html?
You will have to grab the resource adapter from maven.
Not that your local installation will help you much expect for testing etc. You should deploy AMQ inside WebLogic if you want it to serve as the JMS layer of WebLogic - otherwise a totally standalone installation is fine. But then you're done, and I suspect you want the deployed version non the less.
Folks,
Apache-Camel does not seem to support AMQPs when connecting to Rabbit. Does anyone know if this is somewhere in the pipeline to be built?
When attempting all connections, we get this in Rabbit logs:
error on AMQP connection <0.30060.4>: {ssl_upgrade_error,timeout} (unknown POSIX error)
Thanks!
Current RabbitMQ Camel Component does not support any SSL configuration features. Also, if you take a look to their JIRA it seems there is no ticket open for implementing this (Camel Jira for RabbitMQ Tickets)
You can fill a ticket or, even better, you could modify the existent component to support SSL and donate it to the open source community. If you plan to do this, please read Apache Camel: Contributing