Configure Journey engine with Kafka SSL

Use the following client certificates and share these certificates on the required machines and make a note of password.
  • Kafka.client.keystore.jks
  • kafka.client.truststore.jks

  1. Update Journey Engine log4j2.xml file from <JOURNEY_HOME>/Engine/conf/ directory. Uncomment the following lines in log4j2.xml.
    <Property name="security.protocol" >${sys:security.protocol}</
    Property>
    <Property name="ssl.truststore.location">
    ${sys:ssl.truststore.location}</Property>
    <Property name="ssl.truststore.password">
    ${sys:ssl.truststore.password}</Property>
    <Property name="ssl.keystore.location">${sys:ssl.keystore.location}</
    Property>
    <Property name="ssl.keystore.password">${sys:ssl.keystore.password}</
    Property>
    <Property name="ssl.key.password">${sys:ssl.key.password}</Property>
    <Property name="ssl.endpoint.identification.algorithm">
    ${sys:ssl.endpoint.identification.algorithm}</Property>
  2. Update journey_engine_master.config from <JOURNEY_HOME>/Engine/ directory.
  3. Update the following property values.
    kafka.security.enabled=Y
    kafka.security.protocols.enabled=SSL
    security.protocol=SSL
    ssl.truststore.location= /PATH/kafka.client.truststore.jks
    ssl.truststore.password=<ENCYPTED PASSWORD WITH JOURNEY ENCRYPTION
    TOOL>
    ssl.keystore.location= /PATH/kafka.client.keystore.jks
    ssl.keystore.password=<ENCYPTED PASSWORD WITH JOURNEY ENCRYPTION TOOL>
    ssl.key.password=<ENCYPTED PASSWORD WITH JOURNEY ENCRYPTION TOOL>
    ssl.endpoint.identification.algorithm=