KIP-515 — Enable ZK client to use the new TLS supported authentication
Accepted Kafka 2.5 Security
Adds configuration properties (`zookeeper.ssl.client.enable`, `zookeeper.clientCnxnSocket`, `zookeeper.ssl.keystore.*`, `zookeeper.ssl.truststore.*`) to enable TLS-encrypted communication between Kafka brokers and ZooKeeper 3.5.x+. Previously, Kafka brokers could only communicate with ZooKeeper in plaintext, leaving ZooKeeper coordination traffic unencrypted even in security-hardened environments.
Details
| Author | Pere Urbon |
| Status | Accepted |
| Kafka Version | 2.5 |
| JIRA | KAFKA-8843 |
| Wiki | View on Apache Wiki |
| Created | 2019-08-29 |
| Last Modified | 2020-02-18 |
Explore how this KIP affects the Kafka protocol in the Protocol Explorer, or see the full KIP database.