Merge pull request #706 from Kilowhisky/SSL_NO_AUTH

Add support for 'none' authentication for kafka while still allowing SSL
2023-11-20 11:25:54 -07:00 · 2023-11-20 11:25:54 -07:00 · 4c34a534d1
parent 06cf6ebd67 c113180d0b
commit 4c34a534d1
1 changed files with 18 additions and 0 deletions
--- a/internal/endpoint/kafka.go
+++ b/internal/endpoint/kafka.go
@ -140,6 +140,24 @@ func (conn *KafkaConn) Send(msg string) error {
 			}
 			cfg.Net.TLS.Config = &tlsConfig
 		case "none":
 			// This path allows to either provide a custom ca certificate
 			// or, because RootCAs is nil, is using the hosts ca set
 			// to verify the server certificate
 			if conn.ep.Kafka.SSL {
 				tlsConfig := tls.Config{}
 				if conn.ep.Kafka.CACertFile != "" {
 					caCertPool, err := loadRootTLSCert(conn.ep.Kafka.CACertFile)
 					if err != nil {
 						return err
 					}
 					tlsConfig.RootCAs = &caCertPool
 				}
 				cfg.Net.TLS.Enable = true
 				cfg.Net.TLS.Config = &tlsConfig
 			}
 		}
 		c, err := sarama.NewSyncProducer([]string{uri}, cfg)