Git Product home page Git Product logo

confluent-platform-security-tools's Introduction

Confluent Platform Security Tools

This repo contains a tool that generates Kafka keystores and trust stores, along with a diagram that explains how keystores and trust stores can be deployed in Kafka.

Both the diagram and the script store the CA in the trust store. The trust store can be configured in other ways, for example, with multiple CAs, or with certificates instead of CAs. However, at this time, the diagram and the script don't address these additional configurations.

User-input vs. Scripted Installation

  • kafka-generate-ssl.sh - asks for user input
  • kafka-generate-ssl-automatic.sh - scripted installation, requires these environment variables to be set (example):
    • COUNTRY
    • STATE
    • ORGANIZATION_UNIT
    • CITY
    • PASSWORD

Example:

export COUNTRY=US
export STATE=IL
export ORGANIZATION_UNIT=SE
export CITY=Chicago
export PASSWORD=secret
bash ./kafka-generate-ssl-automatic.sh

confluent-platform-security-tools's People

Contributors

alexlod avatar ewencp avatar ijuma avatar jfinzel avatar jimgalasyn avatar nikhilbaradwaj avatar sm4rk0 avatar the-thappy avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

ijuma mrauter rbalusup nikhilbaradwaj nagyistge rainy seyedk coughman akamalov markocelan repeatedly kirantech58 mkurian mpls gsi-chao basseljabak1 nandhab bradmontgomery farazmateen myafeier zxlxgd the-thappy qshao-pivotal shashankgoyal171 omkreddy mreddy8182 cyrusv sebastienviale ruilidl panovski001 hdulay sumanreddyk mrasante santhineshkn hmq19900504 thetko85 rushabh2208 96farhan danieljheetch pmogis martinkaburu siddharth234 dmytromorhuldevpro audomaro paulokinho victor-ramos-coderoad-com stefanpapp ping9802 jfinzel chromy96 arian23 shawn35gh mohamed-a-abdelaziz dnwick iamonlysaiful ravi4422 yash-bm-ai ramu11 netsecops sm4rk0 sschimmel anitakwy lkhomenk sagarkites gy0ung-git purwantogz isabella232 badenhorstp avaussant shawcs pvaliska seanm96 amosshapira thybit davidlday suneet-palo smohankarthik joaowicktor boudake1 chetan-vatharkar-tibco venkatsunny gyuan-cars rkumar-erc kvvnrrgopal cheewaphat jankul02 vikasorchestral mikayelagh fininfosolutions estkae blacksst0ff muchemiphilip zhengyd2014 shantek-vn bennaciim aswineverest jawaharm11 frankfanslc vipinev leesonwei

confluent-platform-security-tools's Issues

Wild Card Certs

Hi ,

Have anyone of you used wildcard certs for SSL security in Kafka?

1.) If yes, Can you suggest how to have the super users?
2.) There is an issue with the CN with respect to super.user=User:CN=dev.xy.abc.com, O= "abc , com", L=Morris, ST=NJ, C=US ?
Can anyone help/encountered with the part O while assigning super users?

Unclear license

Could you please add a LICENSE file that explains the terms under which the contents of this repo can be used?

Need help on confluentic kafka security setup.

I am getting error "cannot locate KDC" when confluentic kafka docker is getting started. Zookeeper is starting as service with service principal. I do see kinit working fine from zookeeper or kafka. Any support on this would be appreciated.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.