Add ca.location support to SASL_SCRAM auth (#123)

Telefonica · Oct 26, 2023 · 9fdf2e7 · 9fdf2e7
1 parent 0df99d5
commit 9fdf2e7
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -63,6 +63,7 @@ To connect to Kafka over SASL/SCRAM authentication define the following addition
 - `KAFKA_SASL_MECHANISM`: SASL mechanism to use for authentication, defaults to `""`
 - `KAFKA_SASL_USERNAME`: SASL username for use with the PLAIN and SASL-SCRAM-.. mechanisms, defaults to `""`
 - `KAFKA_SASL_PASSWORD`: SASL password for use with the PLAIN and SASL-SCRAM-.. mechanism, defaults to `""`
+- `KAFKA_SSL_CA_CERT_FILE`: Kafka SSL broker CA certificate file, defaults to `""`
 
 When deployed in a Kubernetes cluster using Helm and using a Kafka external to the cluster, it might be necessary to define the kafka hostname resolution locally (this fills the /etc/hosts of the container). Use a custom values.yaml file with section `hostAliases` (as mentioned in default values.yaml).
 

diff --git a/main.go b/main.go
@@ -60,6 +60,10 @@ func main() {
  kafkaConfig["sasl.mechanism"] = kafkaSaslMechanism
  kafkaConfig["sasl.username"] = kafkaSaslUsername
  kafkaConfig["sasl.password"] = kafkaSaslPassword
+
+ if kafkaSslCACertFile != "" {
+ kafkaConfig["ssl.ca.location"] = kafkaSslCACertFile
+ }
  }
 
  producer, err := kafka.NewProducer(&kafkaConfig)