Support for one-way TLS without client authentication

Question

Support for one-way TLS without client authentication

mahpatil opened this issue 3 years ago · 1 comments

Is your feature request related to a problem? Please describe.
We would like to setup one-way TLS without mutual authentication using this operator. However, it looks like currently ssl.client.auth is set to "required" by default in configmap.go whenever SSL config is specified.

Describe the solution you'd like to see
It should be possible to set all possible values (required, requested, none) for ssl.client.auth.

Describe alternatives you've considered
No other alternative exists, aside from manually updating kafka broker config.

Additional context
NA

Answer 1 · 2022-04-27T13:54:59.000Z

Hey @mahpatil, the operator allows one-way TLS/SSL authentication for the brokers now, see this in the example KafkaCluster: https://github.com/banzaicloud/koperator/blob/master/config/samples/simplekafkacluster_ssl.yaml#L51-L52