TLS encryption

Set up Red Hat AMQ Streams custom certificates on OpenShift (update)

Set up Red Hat AMQ Streams custom certificates on OpenShift (update)

As anticipated in the “Additional notes” section of my previous article, starting from Red Hat AMQ Streams 1.4, it is finally possible to use your own custom certificate for encrypting communication between Kafka clients and brokers—without the requirement to provide a CA certificate. The auto-generated and -managed internal CAs will still remain, but only to protect inter-cluster communication.

The user-provided certificate can be used with all listeners that have TLS encryption enabled, such as the route, load balancer, ingress, and NodePort types. In this complete example, we will enable an external route listener for one-way TLS authentication.

Prerequisites

You need to have the following in place before you can proceed:

Continue reading “Set up Red Hat AMQ Streams custom certificates on OpenShift (update)”

Share