10

Can any body help the command to list the kafka topics using SSl .

I have got consumer SSL config and producer SSL config commands but dint find the way to list Kafka topics using SSl.

Improve this question
1
  • Using Zookeeper or bootstrap-server? Commented Dec 10, 2019 at 4:00

2 Answers 2

Reset to default
13

You should be able to do that by using the --bootstrap-server option, so specifying Kafka brokers in the bootstrap list, and then the --command-config providing a property file with the admin client configuration parameters.

Inside that properties file you should specify ssl.truststore.location and ssl.truststore.password (eventually ssl.truststore.type) as you normally do for producer and consumer clients.

If TLS client authentication is enabled, you have to set ssl.keystore.location and ssl.keystore.password as well.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Can you please give an example for context? How does that file look like?
Sample config ``` ssl.truststore.location=/truststore.jks ssl.truststore.password=abc123 ```
-7

As of my knowledge, the Consumer and Producer SSL config does not actually make a difference if you want to fetch the list of Kafka topics. Just simply try the cli command:

./bin/kafka-topics --zookeeper localhost:2181 --list

or

./bin/kafka-topics.sh --zookeeper localhost:2181 --list

Improve this answer

4 Comments

The "--zookeeper" option was deprecated in Apache Kafka 2.2, you should not rely on it.
Your answer does not help or give a pointer how to query the topics with TLS/SSL.
Although --zookeeper is deprecated, kafka-topics.sh in a secure environment works with --zookeeper option only. There is no option to provide a separate config like in console-producer/consumer. The command that worked for me in SSL/TLS environment: /bin/kafka-topics.sh --zookeeper localhost:2181 --list
FYI, I've been trying to connect to a Zookeeper TLS port on Amazon MSK this way and it simply hangs. Using --bootstrap and the TLS broker list instead works, and kafka-topics.sh accepts the --command-config option. The config file requires only security.protocol=SSL (unless you're using client certificates.)

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.