Configuring TLS/SSL for Kafka (Navigator Event Broker)
To enable TLS/SSL encryption between Navigator Audit Server and Kafka for publishing audit events to Kafka:
- Log in to the Cloudera Manager Admin Console.
- Select .
- Click the Configuration tab.
- Select Kafka Broker for the Scope filter.
- Select Security for the Category filter.
- Enter the following properties according to your cluster configuration.
Property Description Enable TLS/SSL for Kafka Broker Select the checkbox to enable TLS/SSL for encrypted communication between clients and the Kafka Broker service. Kafka Broker TLS/SSL Certificate Trust Store File Enter the path (location on disk) to the JKS truststore. Leave this field empty to have the list of well-known CAs checked to provide a chain of proof for the Navigator Audit Server. Kafka Broker TLS/SSL Certificate Trust Store Password The truststore does not need password protection. Its contents are public certificates already included in the default Java truststore.
- Click Save Changes.
- Restart the Kafka service.