Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
We were informed a number of months back by our Customer Success Engineer that the default value for Kafka target's ssl.endpoint.identification.algorithm config would be changing in an upcoming release from none (no hostname verification) to https in order to enable broker hostname verification by default.
As we are currently planning an upgrade from a May 2023 version to either Nov 2023 or May 2024, we want to confirm whether or not this has in fact changed as a change in the default values would require work on our end to prepare for.
I see no mention of this changing in the release notes for either release and their respective service packs, but I also cannot find any specific documentation on the defaults for Kafka targets, only what options can be set:
https://help.qlik.com/en-US/replicate/May2024/Content/Replicate/Main/Kafka/kafka_setting_general_pro...
Any information around this config would be greatly appreciated. All the better to have a doc of the defaults for Kafka targets.
Hello @wmcgee4 ,
Thanks for reaching out to Qlik Community!
Qlik Replicate utilizes librdkafka as client library, looks to me the SSL/HTTPS connection are transparent to Qlik Replicate, I think this is the reason why no documentation yet for it.
In my internal labs I've setup Kafka 3.6.1 with KRaft mode on Linux with the settings:
ssl.cipher.suites = [] ssl.client.auth = none ssl.enabled.protocols = [TLSv1.2] ssl.endpoint.identification.algorithm = https ssl.engine.factory.class = null ssl.key.password = null |
Qlik Replicate works fine with it.
As I remember this is the default setting in Kafka 3.6, however the SSL settings are pretty simple and straight in my test machine, I would like suggest a careful acceptance test in your lower environment to make sure the upgrading move forward smoothly.
Hope this helps.
John.
Hello @wmcgee4 ,
Thanks for reaching out to Qlik Community!
Qlik Replicate utilizes librdkafka as client library, looks to me the SSL/HTTPS connection are transparent to Qlik Replicate, I think this is the reason why no documentation yet for it.
In my internal labs I've setup Kafka 3.6.1 with KRaft mode on Linux with the settings:
ssl.cipher.suites = [] ssl.client.auth = none ssl.enabled.protocols = [TLSv1.2] ssl.endpoint.identification.algorithm = https ssl.engine.factory.class = null ssl.key.password = null |
Qlik Replicate works fine with it.
As I remember this is the default setting in Kafka 3.6, however the SSL settings are pretty simple and straight in my test machine, I would like suggest a careful acceptance test in your lower environment to make sure the upgrading move forward smoothly.
Hope this helps.
John.
Is the librdkafka client library version shipped with each Qlik release documented?
I still curious about the default values and with the version for the client library, we can look at the GitHub for this library to confirm for the given library version.
Hello @wmcgee4 ,
You may get the Kafka Client Version information from task log file, see below sample:
The Kafka Client Version in major releases:
Qlik Replicate version | Kafka Client Version |
2022.11 GA | 1.5.2 |
V2022.11.0.394 | 2.0.2 |
V2023.5.0.413-701 | 1.5.2 |
2023.11 | 2.2.0 |
2024.5 | 2.2.0 |
Hope this helps.
John.