Kafka Connector with MongoDB TSL

Hello Community,
I have a MongoDB database with TSL running in the cloud and I’m trying to use Kafka Connector to connect to that database but the connection.uri parameter doesn’t accept tlscertificatekeyfile.

I have this Warning in Kafka Connector
connect_1 | [2021-12-09 20:06:56,889] WARN Connection string contains unsupported option ‘tlscertificatekeyfile’. (org.mongodb.driver.uri)

In the on the other side database LOG I have this message:
{“t”:{"$date":“2021-12-09T19:51:50.420+00:00”},“s”:“E”, “c”:“NETWORK”, “id”:23255, “ctx”:“conn775”,“msg”:“No SSL certificate provided by peer; connection rejected”}
{“t”:{"$date":“2021-12-09T19:51:50.420+00:00”},“s”:“I”, “c”:“NETWORK”, “id”:22988, “ctx”:“conn775”,“msg”:“Error receiving request from client. Ending connection from remote”,“attr”:{“error”:{“code”:141,“codeName”:“SSLHandshakeFailed”," errmsg":“no SSL certificate provided by peer; connection rejected”},“remote”:“”,“connectionId”:775}}

How can I inform my client.pem file in Kafka Connector?

I didn’t find any specific parameters.

The certificate chain is already in kafka and connector, I’ve also imported it with keytool so previous errors have already been solved, the problem is how to make the kafka connector inform the client.pem in the connection since the connection.uri parameter doesn’t accept the tlscertificatekeyfile ?



Hi Community,

I inform you that the problem has been resolved. We import the certificates in java according to the link

  • Insert mongodb-ca.ts and mongodb-client.jks files inside the container instance
  • Add the variables trustStore, trustStorePassword, keyStore and keyStorePassword, pointing to the correct information and it was placed in the dockerfile. Remember to change the “changeit”

RUN export KAFKA_OPTS=“-Djava.security.auth.login.config=/opt/security/connect_server_jaas.conf -Djavax.net.ssl.trustStore=/mongodb-ca.ts -Djavax.net.ssl.trustStorePassword=changeit -Djavax.net.ssl.keyStore=/mongodb-client.jks -Djavax.net.ssl.keyStorePassword=changeit”

ENV CUSTOM_INIT_SCRIPT=“-Djava.security.auth.login.config=/opt/security/connect_server_jaas.conf -Djavax.net.ssl.trustStore=/mongodb-ca.ts -Djavax.net.ssl.trustStorePassword=changeit -Djavax.net.ssl.keyStore=/mongodb-client.jks -Djavax.net.ssl.keyStorePassword=changeit”

ENV KAFKA_OPTS=“-Djava.security.auth.login.config=/opt/security/connect_server_jaas.conf -Djavax.net.ssl.trustStore=/mongodb-ca.ts -Djavax.net.ssl.trustStorePassword=changeit -Djavax.net.ssl.keyStore=/mongodb-client.jks -Djavax.net.ssl.keyStorePassword=changeit”

1 Like

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.