all-things-risingwave
How to workaround certificate reloading issue in librdkafka when certificates are rotated frequently?
I was looking into rising wave, and saw that its using the rdkafka
for the kafka library. From what I can tell <https://github.com/confluentinc/librdkafka/issues/2868|from librdkafkaissues>, librdkafka
does not support reloading certificates when they are rotated. We deploy in an environment where our certs have a somewhat short shelf life, and are auto rotated for us. Do you know of any way to workaround this?
Aa
Aaron Stockton
Asked on Apr 07, 2023
- One possible workaround is to periodically restart the Kafka client application to reload the certificates.
- Another approach is to implement a custom certificate reloading mechanism in your application code.
- You can also consider using a proxy server that handles the certificate rotation and forwards requests to the Kafka cluster with updated certificates.
Apr 07, 2023Edited by