Updating the configuration file of the System Data Engine

Update the configuration file of the System Data Engine to enable Transport Layer Security (TLS) communications with the Kafka server.

Procedure

  1. Copy the sample configuration file from the z/OS® UNIX System Services directory where SMP/E is installed to the directory that is assigned to the CDP_HOME environment variable for System Data Engine.
    Tip: Check the started task JCL of the System Data Engine in the SYS1.PROCLIB for the z/OS UNIX System Services directories of both SMP/E and CDP_HOME.
    Under z/OS UNIX System Services, run the following commands to copy the sample configuration file to the CDP_HOME directory. The commands assume the Z Common Data Provider is installed at /usr/lpp/IBM/zcdp/v5r1m0 by SMP/E, and the /var/zcdp/sde is the directory set for CDP_HOME environment variable in the System Data Engine started task. Specify the correct directories according to your environment.
    cp /usr/lpp/IBM/zcdp/v5r1m0/SDE/samples/gatherer.consumer.properties /var/cdpz/sde/ 
    cd /var/zcdp/sde
    ls -l 
    
  2. Update the configuration file gatherer.consumer.properties under the CDP_HOME directory. You can update the file via the vi command under z/OS UNIX System Services or OEDIT command under ISPF.
    At the minimum, you need to enable the following parameters:
    security.protocol=SSL                                                                                                                                                            
    ssl.truststore.type=PKCS12                                   
    ssl.truststore.location=/u/kafka/ssl/client.truststore.p12   
    ssl.truststore.password=test1234                             
    
    If client authentication is required for Kafka client, you need to enable the following parameters too.
    ssl.keystore.type=PKCS12                                     
    ssl.keystore.location=/u/kafka/ssl/client.keystore.p12 
    ssl.keystore.password=test1234                               
    ssl.key.password=test1234                                    
    
    Ensure that the keystore and truststore file names and their passwords match what you did in previous steps.
  3. Restart the System Data Engine to take the updated parameters from the configuration file.