Do you know how can I disable Kafka hostname verification for using Kafka scripts such as kafka-console-consumer.sh?
This is my config right now:
security.protocol=SASL_SSL
ssl.endpoint.identification.algorithm=
sasl.mechanism=JWT
I have set the ssl.endpoint.identification.algorithm to an empty string as you see above, but still I get this error:
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:445)
I call the script as follows:
$KAFKAHOME/bin/kafka-console-consumer.sh \
--consumer.config myconfig.config \
--bootstrap-server  myaddress:myport\
--topic mytopic
I believe your client config is missing a path to the truststore file.
For example, this is my client.properties file
security.protocol=SSL
ssl.truststore.location=/security/server/server-truststore.jks
ssl.endpoint.identification.algorithm=
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With