How to connect to Kafka using SCRAM-SHA-512 authentication

Troubleshooting

Symptom

Encountered the below error while setting up SASL mechanism SCRAM-SHA-512 to connect securely to Kafka

“ Error getting metadata for topic '<>' from broker 'my-kafka-cluster-kafka-external-bootstrap-event-automation.apps.amsocpprd.os.net.ibm.com:443' due to error: org.apache.kafka.common.KafkaException: Failed to construct kafka consumer “

Resolving The Problem

Along with the Kafka properties that we set by referring to this document , we also need to follow the below additional steps

Select the Kafka stage → Under 'Security' tab select SASL mechanism as “GSSAPI”.
Select the ‘Kafka’ tab and add the below config under Kafka configuration property :

Name	Value
security.protocol	GSSAPI
sasl.mechanism	SCRAM-SHA-512
sasl.jaas.config	org.apache.kafka.common.security.plain.PlainLoginModule required \ username="<user name for JAAS>"\ password="<password>";
ssl.truststore.location	<full path to the client truststore jks file>
ssl.truststore.password	<password>

E.g :

Document Location

Worldwide

[{"Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSM7CU","label":"IBM StreamSets Data Collector"},"ARM Category":[{"code":"","label":""}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Tips

How to connect to Kafka using SCRAM-SHA-512 authentication

Troubleshooting

Symptom

Resolving The Problem

Document Location

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?