Support Questions

an_dutra · ‎02-02-2022

Hello, I have an expired certificate for Kafka on my server, my Kafka runs from Cloudera Manager, as follows:

But my Kafka Server still working just like my consumers and producers connections via SSL.

Can anyone help me to know if it's a bug or misconfiguration?

araujo · ‎02-07-2022

@an_dutra My guess is that it's a misconfiguration on your cluster. I just tested this on my Kafka cluster and once the certificate expires, if I try to connect to the cluster with a Kafka client I get the following exception:

Caused by: sun.security.validator.ValidatorException: PKIX path validation failed:
...
Caused by: java.security.cert.CertPathValidatorException: validity check failed
...
Caused by: java.security.cert.CertificateExpiredException: NotAfter: Tue Feb 08 03:45:00 UTC 2022

The Kafka brokers will continue to run, though. However, if they are stopped and I try to start them again, they will fail to start with the same exception as the one above.

--
Was your question answered? Please take some time to click on "Accept as Solution" below this post.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Cloudera Community

Support Questions

Kafka working with expired certificates

how Kafka delete topic command works

How Kafka Producer work Internally

CCDH Certification Expiration

Frequent Session Expired in NiFi

Hive-Kafka Integration CDP

Support Video: How does Kafka ACLs work?

Kafka Best Practices

kafka consumer not working

Maven Repository SSL Certificate expired

Cloudera Certification URL is not working