You had me at server_hello

Today I got a bit further and succeeded in getting this error message thrown:

kafka@kafka:~$ echo "Hello, World" | ~/kafka/bin/kafka-console-producer.sh --broker-list localhost:9093 --topic TutorialTopic --producer.config kafka/config/client-ssl.properties > /dev/null
[2021-06-14 00:13:45,647] ERROR Error when sending message to topic TutorialTopic with key: null, value: 12 bytes with error: (org.apache.kafka.clients.producer.internals.ErrorLoggingCallback)
org.apache.kafka.common.errors.SslAuthenticationException: SSL handshake failed
Caused by: javax.net.ssl.SSLProtocolException: Unexpected handshake message: server_hello

A solution to this is suggested here https://github.mindflow.com.cn/strimzi/strimzi-kafka-operator/discussions/4385#discussioncomment-356209. Basically I was using TLS, so I could try not doing that perhaps?

Okay, a bit more digging and looking into the Vertica tutorial saw me through. Now I can write to a Kafka topic over SSL, albeit from within the Kafka VM.

kafka@kafka:~$ echo "Hello, World SSL" | ~/kafka/bin/kafka-console-producer.sh --broker-list localhost:9093 --topic TutorialTopic --producer.config kafka/config/client-ssl.properties > /dev/null
[2021-06-14 01:00:15,860] WARN The configuration 'ssl.client.auth' was supplied but isn't a known config. (org.apache.kafka.clients.producer.ProducerConfig)
kafka@kafka:~$ ~/kafka/bin/kafka-console-consumer.sh --bootstrap-server localhost:9093 --topic TutorialTopic --from-beginning --consumer.config kafka/config/client-ssl.properties
Hello, World
Hello, World
Hello, World SSL

Next, I’d like to evidently do this from outside the VM.

Tags: kafka, kafka ssl, terraform