How can a mid server in local network connect Hermes Kafka?

Masa29
Tera Contributor

We are trying to replicate data from ServiceNow to our local Kafka servers. We are using Stream Connect message replication through a MID Server.

Does the MID Server connect to Hermes Kafka through the standard Kafka protocol (direct connection) or through another mechanism such as the Kafka REST API?

Our MID Server is behind a firewall in a local network. Since a proxy is not supported by standard Kafka, how can we connect to Hermes Kafka from our local network?


ChrisBurks
Giga Sage

Depending on how you are connecting to Kafka, tie it to a MID Server.

If you can connect directly to the Kafka database, below is an example Data Source.

Notice the "Type" and "Use MID Server" fields
ChrisBurks_0-1737651406173.png

 

Or, if setting up a REST Message record in the Platform Web Service module, the MID Server can be set via script.

Platform Web Service example:

ChrisBurks_1-1737652085544.png

 

Or, if using a REST Step in Flow Designer, make sure to check the "Use MID" field.

ChrisBurks_2-1737654360239.png

Thanks for the reply. I think it's different. We are using the OOB Stream Connect Message Replication of ServiceNow. I believe the connection between the MID Server and Stream Connect Hermes Kafka is implemented by a MIDExtension, MessageReplicationExtension, implemented by ServiceNow, which is transparent to end users.

Liju John
Tera Expert

 

🧩 KB 2349888 Summary – “FAILED: Source not found”

Applies to:
ServiceNow Stream Connect / Hermes Kafka Message Replication

Symptom:
Replication record (sys_kafka_topic_replication) shows

Status: FAILED  
Error message: Source not found

MID logs include:

<uxa-sync-service>
  <receive_message>Unable to receive message ... Reason: HermesIllegalStateException</receive_message>
  <send_message>Unable to create topic ... Reason: HermesIllegalStateException</send_message>
</uxa-sync-service>

⚙️ Root Cause

The MID Server cannot reach the Hermes gateway (ServiceNow’s internal Kafka broker endpoint).
This is a network/TLS connectivity issue, not a configuration error in the topic record itself.

  1. Verify Hermes Port Access
    Run from the MID Server shell:

    openssl s_client -connect <your_instance>.service-now.com:4000 -servername <your_instance>.service-now.com
    • If you see a valid TLS certificate → connectivity ok

    • If you see connect: Connection timed out or refused → firewall/proxy blocking port 4000

  2. Firewall Requirements
    The MID must have outbound access through the firewall to:

    • Host: <instance>.service-now.com

    • Ports: 4000–4020 (exact range per documentation)

    • Protocol: TCP / TLS (used by Hermes)

  3. Network Team Action
    Ask your network administrator to open the Hermes port range (4000–4020) for outbound connections from your MID subnet or Kubernetes namespace.

  4. Re-run replication
    Once the ports are open and the TLS test succeeds, re-trigger the replication job or restart the MID to re-initialize the Hermes connection.

| Check | Command / Step | Expected Result |
|---|---|---|
| TLS connectivity | openssl s_client -connect instance.service-now.com:4000 -servername instance.service-now.com | Successful handshake |
| Firewall ports | 4000–4020 open (TCP) | Reachable |
| After fix | Re-run topic replication | Status → SUCCESS |

So in your case, the “Source not found” failure is not because Hermes lacks the topic — it’s because your MID Server can’t reach Hermes on port 4000.
→ Once you confirm connectivity with the openssl command (or open that port range), your replication jobs should succeed.
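
The connectivity check from steps 1 and 2 of the reply above, extended to the whole 4000-4020 range, as an added example that is not part of the original post or of ServiceNow's tooling. It assumes a Linux MID host with `openssl` and coreutils `timeout`; the function and verdict names are this example's own.

```sh
#!/bin/sh
# Added example: sweep the Hermes port range from the MID Server host.
# Verdict names are this example's own; 4000-4020 is the range quoted above.

# Turn one `openssl s_client` transcript ($2) plus exit status ($1) into a verdict.
classify_probe() {
  case "$2" in
    # A failed handshake can still print "Verify return code: 0", so test this first.
    *"no peer certificate available"*) echo "NO_TLS" ;;
    *"Verify return code: 0 (ok)"*)    echo "OK" ;;
    # Handshake finished but the chain did not verify: missing CA bundle on the
    # MID host, or a device in the path presenting its own certificate.
    *"Verify return code:"*)           echo "TLS_UNVERIFIED" ;;
    # errno 110/111 are the Linux values openssl prints for timeout/refused.
    *"timed out"*|*"errno=110"*)       echo "TIMEOUT" ;;
    *refused*|*"errno=111"*)           echo "REFUSED" ;;
    # Exit status 124 means `timeout` killed a probe that never connected.
    *) if [ "$1" -eq 124 ]; then echo "TIMEOUT"; else echo "NO_TLS"; fi ;;
  esac
}

# Probe one host ($1) and port ($2) with the same command as step 1 above.
probe_port() {
  pp_rc=0
  pp_out=$(timeout 10 openssl s_client -connect "$1:$2" -servername "$1" \
             </dev/null 2>&1) || pp_rc=$?
  classify_probe "$pp_rc" "$pp_out"
}

# Print one verdict line per port; range defaults to 4000-4020.
sweep() {
  sw_port="${2:-4000}"
  while [ "$sw_port" -le "${3:-4020}" ]; do
    printf '%s:%s %s\n' "$1" "$sw_port" "$(probe_port "$1" "$sw_port")"
    sw_port=$((sw_port + 1))
  done
}

# Usage: sh hermes_sweep.sh <your_instance>.service-now.com
if [ -n "${1:-}" ]; then sweep "$@"; fi
```

TIMEOUT or REFUSED lines are the ones to hand to the network team with the port number; TLS_UNVERIFIED means the port is open but the certificate presented to the MID host did not validate.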