Can Apache ZooKeeper 4lw (FourLetterWord) be used with mTLS (mutual Transport Layer Security)?

I've used 4lw over unsecured connections, but I want to use 4lw over connections secured with mTLS. So far no success.

If this isn't supported, what is recommended in place of 4lw? AdminServer?



Solution 1:[1]

Using Zookeeper with mTLS and ncat 4lw

  1. Create keystore in p12 format from JKS (nc needs PEM)

    keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12 -srcstoretype jks -deststoretype pkcs12

  2. Export private key and cert to PEM

    openssl pkcs12 -in keystore.p12 -nokeys -out ~/cert.pem
    openssl pkcs12 -in keystore.p12 -out ~/key.pem

  3. Run nc with --ssl options (needs the password for the private key)

    echo "stat" | nc --ssl --ssl-cert ~/cert.pem --ssl-key ~/key.pem zookeeper_host port

Make sure the file with your private key is secured (correct file permissions, not readable by group or others) and encrypted!
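
The same exchange as the nc command in step 3, as an added Python example that is not part of the original answer: it presents the client certificate and also verifies the server certificate against a CA. The file name `ca.pem` (the CA certificate exported from the truststore) and the function names are assumptions.

```python
import socket
import ssl
import sys
from getpass import getpass


def mtls_context(ca_file, cert_file, key_file, key_password=None):
    """Client context: verify the server, present our certificate."""
    # create_default_context enables CERT_REQUIRED and hostname checking.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)
    ctx.load_cert_chain(cert_file, keyfile=key_file, password=key_password)
    return ctx


def four_letter_word(sock, command):
    """Send one 4lw command on a connected socket; return the full reply."""
    if len(command) != 4 or not (command.isascii() and command.isalpha()):
        raise ValueError("4lw commands are exactly four ASCII letters")
    sock.sendall(command.encode("ascii"))
    chunks = []
    while True:
        data = sock.recv(4096)
        if not data:  # the server closes the connection after replying
            break
        chunks.append(data)
    return b"".join(chunks).decode("utf-8", errors="replace")


def zk_query(host, port, command, ctx, timeout=5.0):
    """Open a TLS connection to the secure client port and run one command."""
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return four_letter_word(tls, command)


if __name__ == "__main__":
    # Usage: python zk4lw.py zookeeper_host port
    # ca.pem is an assumed file name: the CA certificate exported from the
    # truststore. cert.pem and key.pem are the files from step 2.
    host, port = sys.argv[1], int(sys.argv[2])
    ctx = mtls_context("ca.pem", "cert.pem", "key.pem", getpass("Key password: "))
    print(zk_query(host, port, "stat", ctx))
```

Passing the key password at run time keeps the private key encrypted on disk, as the note above asks.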

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 jBee