How can I configure the Splunk Add-on for Kafka to use a TLS/SSL certificate to authenticate with a Kafka server? It is necessary to connect to a CloudKafka instance.
An example Python implementation from their documentation:
http://www.cloudkafka.com/docs-python.html
ssl_context.verify_mode = ssl.CERT_REQUIRED
ssl_context.check_hostname = True
ssl_context.load_verify_locations("/tmp/ca.pem")
ssl_context.load_cert_chain('/tmp/cert.pem', '/tmp/key.pem')
As mentioned in the Kafka doc (7.2.1), SSL is only supported in the new Consumer and Producer API. The Splunk for Kafka Add-on does not use this new API. See question: Is support for Kafka version 0.9 or higher in the pipeline any time soon?
Apache Kafka is using a dedicated port to establish secure communication between customers and brokers using SSL. You should enable it due to default setting as disable.
You can refer this article, which may help to install SSL on Kafta -
http://kafka.apache.org/documentation.html#security_ssl
TLSv1.2 is activated on the CloudKafka side and client authentification, as well. I tested the dedicated port.