Updating the configuration file of the System Data Engine
Update the configuration file of the System Data Engine to enable Transport Layer Security (TLS) communications with the Kafka server.
Procedure
-
Copy the sample configuration file from the z/OS® UNIX System Services directory where SMP/E is
installed to the directory that is assigned to the CDP_HOME environment variable
for System Data Engine. Tip: Check the started task JCL of the System Data Engine in theUnder z/OS UNIX System Services, run the following commands to copy the sample configuration file to the CDP_HOME directory. The commands assume the Z Common Data Provider is installed at /usr/lpp/IBM/zcdp/v5r1m0 by SMP/E, and the /var/zcdp/sde is the directory set for CDP_HOME environment variable in the System Data Engine started task. Specify the correct directories according to your environment.
SYS1.PROCLIB
for the z/OS UNIX System Services directories of both SMP/E and CDP_HOME.cp /usr/lpp/IBM/zcdp/v5r1m0/SDE/samples/gatherer.consumer.properties /var/cdpz/sde/ cd /var/zcdp/sde ls -l
- Update the configuration file gatherer.consumer.properties under the
CDP_HOME directory. You can update the file via the
vi
command under z/OS UNIX System Services orOEDIT
command under ISPF.At the minimum, you need to enable the following parameters:security.protocol=SSL ssl.truststore.type=PKCS12 ssl.truststore.location=/u/kafka/ssl/client.truststore.p12 ssl.truststore.password=test1234
If client authentication is required for Kafka client, you need to enable the following parameters too.
Ensure that the keystore and truststore file names and their passwords match what you did in previous steps.ssl.keystore.type=PKCS12 ssl.keystore.location=/u/kafka/ssl/client.keystore.p12 ssl.keystore.password=test1234 ssl.key.password=test1234
- Restart the System Data Engine to take the updated parameters from the configuration file.