Kafka SSL credentials fields

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Kafka SSL Credentials Fields

    The Kafka SSL credentials form provides essential fields necessary for establishing secure connections with Kafka. Proper configuration ensures data protection and secure communication between clients and servers.

    Show full answer Show less

    Key Features

    • SSL Keystore: Base64 encoded content of the server's keystore file, defaulting to Java KeyStore (JKS).
    • SSL Keystore Password: Password for the keystore, matching the ssl.keystore.password property in Apache Kafka.
    • SSL Key Password: Password for the SSL key, aligning with the ssl.key.password property.
    • SSL Truststore: Base64 encoded content of the client's truststore file, also defaulting to JKS.
    • SSL Truststore Password: Password for the truststore, matching the ssl.truststore.password property.
    • SSL Provider: Name of the security provider for SSL connections.
    • Disable Hostname Verification: Option to disable hostname verification during SSL connections.
    • User Name and Password: Credentials for SASL authentication, with passwords stored encrypted.
    • Additional Kafka Consumer Properties: Custom properties for Kafka consumers, formatted as semicolon-separated values.

    Key Outcomes

    Correctly configuring SSL credentials enables secure data transmission and protects against unauthorized access in Kafka environments. Customers can expect enhanced security and compliance by utilizing these fields effectively.

    Description of the fields on the Kafka SSL credentials form.

    Table 1. SSL security protocol
    FIeld Description
    SSL keystore The content of an actual server.keystore.jks file, encoded as a Base64 string.
    SSL keystore type Format of the SSL keystore file. Default: Java KeyStore (JKS).
    SSL keystore password Password to the keystore, identical to the value of the ssl.keystore.password property in Apache Kafka.
    SSL key password Password, identical to the ssl.key.password property value in Apache Kafka.
    SSL truststore The content of an actual client.truststore.jks file, encoded as a Base64 string.
    SSL truststore type Format of the truststore file. Default: Java KeyStore (JKS).
    SSL truststore password Password to the truststore, identical to the value of the ssl.truststore.password property in Apache Kafka.
    SSL provider Name of the security provider used for SSL connections.
    Disable hostname verification Option to disable verification of the hostname.
    Additional Kafka consumer properties Semicolon-separated string of additional Kafka consumer properties. For example: ssl.protocol=TLSv1.2;ssl.enabled.protocols=TLSv1.2,TLSv1.1
    Table 2. SASL_SSL security protocol
    FIeld Description
    SSL truststore The content of an actual client.truststore.jks file, encoded as a Base64 string.
    SSL truststore type Format of the SSL truststore file. Default: Java KeyStore (JKS).
    SSL truststore password Password to the truststore, identical to the value of the ssl.truststore.password property in Apache Kafka.
    SSL provider Name of the security provider used for SSL connections.
    Disable hostname verification Option to disable verification of the hostname.
    User name The user name, if any, associated with this credential.
    Note:
    The specified user name is used for SASL authentication using JAAS. The following JAAS configuration is passed to the Kafka Server: org.apache.kafka.common.security.plain.PlainLoginModule required username=<user_name> password=<password>
    Password The password associated with this credential.
    Note:
    • The specified password is used for SASL authentication using JAAS. The following JAAS configuration is passed to the Kafka Server: org.apache.kafka.common.security.plain.PlainLoginModule required username=<user_name> password=<password>
    • The password you specify is invisible. It is stored in the database in encrypted form.
    Additional Kafka consumer properties Semicolon-separated string of additional Kafka consumer properties. For example: ssl.protocol=TLSv1.2;ssl.enabled.protocols=TLSv1.2,TLSv1.1
    Table 3. SASL_PLAINTEXT security protocol
    User name The user name, if any, associated with this credential.
    Note:
    The specified user name is used for SASL authentication using JAAS. The following JAAS configuration is passed to the Kafka Server: org.apache.kafka.common.security.plain.PlainLoginModule required username=<user_name> password=<password>
    Password The password associated with this credential.
    Note:
    • The specified password is used for SASL authentication using JAAS. The following JAAS configuration is passed to the Kafka Server: org.apache.kafka.common.security.plain.PlainLoginModule required username=<user_name> password=<password>
    • The password you specify is invisible. It is stored in the database in encrypted form.
    Additional Kafka consumer properties Semicolon-separated string of additional Kafka consumer properties. For example: ssl.protocol=TLSv1.2;ssl.enabled.protocols=TLSv1.2,TLSv1.1