producer = KafkaProducer(
bootstrap_servers='kafka.XXXX.dev:9093',
security_protocol='SASL_SSL',
sasl_mechanism='PLAIN',
sasl_plain_username=sasl_plain_username,
sasl_plain_password=sasl_plain_password,
ssl_cafile='/path/to/CARoot.pem',
ssl_certfile='/path/to/certificate.pem',
ssl_keyfile='/path/to/Private_key.pem',
value_serializer=lambda v: json.dumps(v).encode('utf-8')
)
The above producer gives me ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1007)
ssl_cafile is pem generated from the truststore.jks with alias CAROOT
ssl_certfile is certificate pem generated from keystore.jks with alias localhost
ssl_keyfile is private key pem generated from keystore.jks with alias localhost
Is there anything wrong with the configuration?.
I tried to regenerate all pem files with
keytool -exportcert -alias $alias -keystore $keyStore -rfc -file $outputFolder/certificate.pem -storepass $password
keytool -v -importkeystore -srckeystore $keyStore -srcalias $alias -destkeystore $outputFolder/cert_and_key.p12 -deststoretype PKCS12 -storepass $password -srcstorepass $password
openssl pkcs12 -in $outputFolder/cert_and_key.p12 -nodes -nocerts -out $outputFolder/key.pem -passin pass:$password
keytool -exportcert -alias $alias -keystore $trusttore -rfc -file $outputFolder/CARoot.pem -storepass $password
but got same result.