Cloudera Docs

Configure Zookeeper TLS/SSL support for Kafka

Learn how to configure TLS/SSL communication between Kafka and Zookeeper.

You can configure Kafka to connect to and communicate with Zookeeper through a secure TLS/SSL channel. The feature can be enabled or disabled with the Enable Secure Connection to ZooKeeper property. This property is set to true by default, however, it only takes effect if the Enable TLS/SSL for ZooKeeper property is also enabled for the dependant ZooKeeper service.

If you want to enable secure connections to Zookeeper, make sure that the Enable TLS/SSL for ZooKeeper property is enabled for the dependant ZooKeeper service. For more information, see Configure ZooKeeper TLS/SSL using Cloudera Manager.

  1. In Cloudera Manager select the Kafka service.
  2. Select Configuration and find the Enable Secure Connection to ZooKeeper property.
  3. Enable or disable Zookeeper TLS/SSL support for Kafka for all required services by checking or unchecking the checkbox next to the name of the service.
  4. Enter a Reason for change, and click Save Changes to commit the changes.
  5. Restart the Kafka service.
Zookeeper TLS/SSL support for Kafka is enabled or disabled for the selected Kafka services. If the feature was enabled, the selected Kafka services communicate with their dependant Zookeeper service through a secure TLS/SSL channel.