Breaking News: Grepper is joining You.com. Read the official announcement!
Check it out

Migrate an existing instance, not currently using mTLS, to mTLS with the PKI engine

Add Answer
Sumit Rawal answered on June 21, 2023 Popularity 1/10 Helpfulness 1/10

Contents

  • answer Migrate an existing instance, not currently using mTLS, to mTLS with the PKI engine

    • More Related Answers


    Migrate an existing instance, not currently using mTLS, to mTLS with the PKI engine

    Comment
    0

    Configure the PKI engine as detailed in Configuring a secrets manager in Vault.

    Configure the Vault values.yaml file to enable mTLS and point to the Kafka cluster's SSL port using the settings detailed in Security levels and configuration for Kafka and Vault.

    Configure the Vault values.yaml file to use the PKI backend. See Vault Installation Tools.

    Migrate existing certificates by deleting the previous CA at: secret//kafka-ca

    kafka-ca was formerly named certs-ca. You must delete both.

    Run the following command:

    kubectl exec -it -n tm-system vault-installer -- /deployment-tools/rotate-certs

    kafka_certs

    Reinstall with the Vault Installer to apply the values changes and start using mTLS.

    Popularity 1/10 Helpfulness 1/10 Language whatever
    Source: Grepper
    Tags: migrate mtls pki using whatever
    Link to this answer
    Share Copy Link
    Sumit Rawal
    Contributed on Jun 21 2023
    Sumit Rawal
    0 Answers  Avg Quality 2/10

    X

    Continue with Google

    By continuing, I agree that I have read and agree to Greppers's Terms of Service and Privacy Policy.
    X
    Grepper Account Login Required

    Oops, You will need to install Grepper and log-in to perform this action.