Connecting to Kafka

In order to stream data from your Kafka broker, tenefit.cloud will need to connect to it.

Kafka Protocol

When configuring tenefit.cloud with connection details to your Kafka broker, you must specify one of the following protocols:

• Plaintext
• SSL
• SSL + client certificate

You choose the protocol when adding a new app in tenefit.cloud:

A summary of each of the supported protocols is given below. For a more detailed explanation, and how to configure your Kafka broker appropriately, see the Kafka Encryption and Authentication with SSL documentation.

Plaintext

Choose this option for communication with Kafka in the clear.

SSL

Note

Although TLS has superseded by SSL, Kafka documentation and configuration refers to SSL for historical reasons. For consistency with Kafka, tenefit.cloud will also refer to encryption as SSL.

With this option, communication with Kafka will be encrypted.

If the server certificate used by your Kafka is signed by a public CA (Certificate Authority), then you do not need to do any further configuration.

If the Kafka server certificate is self-signed or signed by a custom CA, then you need to provide the CA certificate or certificate chain trusted by your Kafka broker's server certificate. You can import it in PEM format using the Browse for CA certificate button:

Once imported, you'll see the filename:

When you press the Test connection button, the certificate will be provisioned for the test.

SSL + Client Certificate

This configuration is like SSL, above, but in addition to that, is for Kafka brokers that require a client certificate for authorization.

In those cases, you need to import the client certificate and client certificate key trusted by your Kafka broker, both in PEM format. Use the Browse for client certificate and Browse for client key buttons:

When you press the Test connection button, the certificate will be provisioned for the test.