https://community.cloudera.com/t5/Support-Questions/Kafka-producer-consumer-with-kerberos-authentication-not/m-p/243793#M205591 <P><EM> <A href="https://community.hortonworks.com/questions/238852/@hoda%20moradi">@hoda moradi</A></EM></P><P><EM>Your kafka_jaas.conf and contradicting entries 4 in number can you back up the current file and re-adjust the one I have attached on all the brokers if multimode.</EM></P><P><EM>Below is functioning SSL, Kerberos config </EM></P><PRE>######################################################### # server.properties ######################################################### listeners=PLAINTEXT://0.0.0.0:9092,SSL:0.0.0.0:9093,SASL_SSL://0.0.0.0:9094 advertised.listeners=PLAINTEXT://FQDN_Broker:9092,SSL://FQDN_Broker:9093,SASL_SSL://FQDN_Broker:9092 sasl.enabled.mechanisms=GSSAPI sasl.kerberos.service.name=kafka </PRE><P><STRONG>Client</STRONG></P><PRE>######################################################### # kafka_client_jaas.conf: ######################################################### KafkaClient { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true renewTicket=true serviceName="kafka"; }; </PRE><P><STRONG>Server</STRONG></P><PRE>######################################################### # kafka_jaas.conf ######################################################### KafkaServer { com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true storeKey=true keyTab="/etc/security/keytabs/kafka.service.keytab" useTicketCache=false serviceName="kafka" principal="kafka/_host@EXAMPLE.COM"; }; </PRE><P><EM>After these steps restart the Kafka broker(s) please revert</EM></P> Fri, 08 Feb 2019 06:29:51 GMT Shelton 2019-02-08T06:29:51Z