![获取错误信息 [SocketServer brokerId=3] 与 /10.2.***.* 的身份验证失败(SSL 握手失败)(org.apache.kafka.common.network.Selector)](https://linux22.com/image/744715/%E8%8E%B7%E5%8F%96%E9%94%99%E8%AF%AF%E4%BF%A1%E6%81%AF%20%5BSocketServer%20brokerId%3D3%5D%20%E4%B8%8E%20%2F10.2.***.*%20%E7%9A%84%E8%BA%AB%E4%BB%BD%E9%AA%8C%E8%AF%81%E5%A4%B1%E8%B4%A5%EF%BC%88SSL%20%E6%8F%A1%E6%89%8B%E5%A4%B1%E8%B4%A5%EF%BC%89%EF%BC%88org.apache.kafka.common.network.Selector%EF%BC%89.png)
我在 kubernetes 上部署了 kafka multibroker,通过 broker 间的 SSL 通信,我设置了以下属性:
advertised.listeners=SSL://kafka-1.**.***.com:9093,PLAINTEXT://kafka-1.**.******.com:9092
zookeeper.connect=zookeeper-0.zookeeper-headless.default.svc.cluster.local:2181,zookeeper-1.zookeeper-headless.default.svc.cluster.local:2181,zookeeper-2.zookeeper-headless.default.svc.cluster.local:2181
broker.id=1
ssl.keystore.location=/opt/kafka/config/tls/kafka.server.keystore.jks
ssl.keystore.password=password
ssl.key.password=password
ssl.truststore.location=/opt/kafka/config/tls/kafka.server.truststore.jks
ssl.truststore.password=password
security.inter.broker.protocol=SSL
ssl.endpoint.identification.algorithm=
ssl.client.auth=requested
其他代理的配置相同,但代理 ID 和广告监听器已更改
我已经创建了 CN 为 kafka-1 的证书。.*.com 我无法弄清楚是什么导致了这个错误?