cp-ansible cp-ansible ignores ssl.principal.rules ( w/ MTLS AUTH ) just extract the full subject from the JKS/certificate to super.users

cp-ansible ignores ssl.principal.rules ( w/ MTLS AUTH ) just extract the full subject from the JKS/certificate to super.users

Open buznyusz opened this issue 2 years ago • 1 comments

hello, we want to use MTLS auth between kafka brokers, and trying to use principal.rules to extract data from the certificates subject, but the CP-Ansible ignores this paramater and export the full subject and adding it to the super.users list ( with manual adding it's OK )

https://github.com/confluentinc/cp-ansible/blob/fd56742ff5b63a75d4be64b7c5d4118b68fbe2ee/roles/kafka_broker/tasks/set_principal.yml#L22-L55

here is the lack of this logic !

pls fix it ! Thanks

Feb 11 '22 09:02 buznyusz

Hello @buznyusz Can you please have a look at the PR https://github.com/confluentinc/cp-ansible/pull/905 This is available in 7.1.x onwards. Let me know if this serves the purpose here. Thanks!

Jul 01 '22 11:07 nsharma-git

cp-ansible cp-ansible copied to clipboard

cp-ansible ignores ssl.principal.rules ( w/ MTLS AUTH ) just extract the full subject from the JKS/certificate to super.users

cp-ansible
cp-ansible copied to clipboard