Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Kafka ACL's with Client Auth (2-way SSL)

Kafka ACL's with Client Auth (2-way SSL)

Contributor

If I set up authentication with Kerberos I can use principal.to.local.class=kafka.security.auth.KerberosPrincipalToLocal to map the principal name to local names. If I understand correctly it will change something like kafka/_HOST@REALM and allow me to write User:kafka in the ACLs.

How do I do this if I authenticate with 2-way ssl (i.e. I as the client present my certificate as authentication rather than a kerberos principle)?