producer = KafkaProducer( bootstrap_servers='kafka.XXXX.dev:9093', security_protocol='SASL_SSL', sasl_mechanism='PLAIN', sasl_plain_username=sasl_plain_username, sasl_plain_password=sasl_plain_password, ssl_cafile='/path/to/CARoot.pem', ssl_certfile='/path/to/certificate.pem', ssl_keyfile='/path/to/Private_key.pem', value_serializer=lambda v: json.dumps(v).encode('utf-8'))The above producer gives me ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1007)
ssl_cafile is pem generated from the truststore.jks with alias CAROOTssl_certfile is certificate pem generated from keystore.jks with alias localhostssl_keyfile is private key pem generated from keystore.jks with alias localhost
Is there anything wrong with the configuration?.
I tried to regenerate all pem files with
keytool -exportcert -alias $alias -keystore $keyStore -rfc -file $outputFolder/certificate.pem -storepass $passwordkeytool -v -importkeystore -srckeystore $keyStore -srcalias $alias -destkeystore $outputFolder/cert_and_key.p12 -deststoretype PKCS12 -storepass $password -srcstorepass $passwordopenssl pkcs12 -in $outputFolder/cert_and_key.p12 -nodes -nocerts -out $outputFolder/key.pem -passin pass:$passwordkeytool -exportcert -alias $alias -keystore $keyStore -rfc -file $outputFolder/CARoot.pem -storepass $passwordbut got same result.