From a0a81303a73b795be1a7f7b7d9328d0367a0c2fb Mon Sep 17 00:00:00 2001 From: masfworld Date: Tue, 20 Aug 2024 12:43:14 +0200 Subject: [PATCH] keystore is not mandatory for SASL_SSL protocol Signed-off-by: Miguel Sotomayor Signed-off-by: masfworld --- .../rootfs/opt/bitnami/scripts/libschemaregistry.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/bitnami/schema-registry/7.6/debian-12/rootfs/opt/bitnami/scripts/libschemaregistry.sh b/bitnami/schema-registry/7.6/debian-12/rootfs/opt/bitnami/scripts/libschemaregistry.sh index 9c7a99b2f49a6..9b6ddd123527c 100644 --- a/bitnami/schema-registry/7.6/debian-12/rootfs/opt/bitnami/scripts/libschemaregistry.sh +++ b/bitnami/schema-registry/7.6/debian-12/rootfs/opt/bitnami/scripts/libschemaregistry.sh @@ -144,7 +144,8 @@ schema_registry_validate() { if [[ -n "$SCHEMA_REGISTRY_KAFKA_BROKERS" ]]; then if brokers_auth_protocol="$(schema_registry_brokers_auth_protocol)"; then - if [[ "$brokers_auth_protocol" =~ SSL ]]; then + # Keystore is not mandatory for SASL_SSL + if [[ "$brokers_auth_protocol" =~ SSL ]] && [[ ! "$brokers_auth_protocol" =~ SASL_SSL ]] && [[ -v "$SCHEMA_REGISTRY_CERTS_DIR" ]]; then if [[ ! -f ${SCHEMA_REGISTRY_CERTS_DIR}/schema-registry.keystore.jks ]] || [[ ! -f ${SCHEMA_REGISTRY_CERTS_DIR}/schema-registry.truststore.jks ]]; then print_validation_error "In order to configure the TLS encryption for communication with Kafka brokers, you must mount your schema-registry.keystore.jks and schema-registry.truststore.jks certificates to the ${SCHEMA_REGISTRY_CERTS_DIR} directory." fi @@ -302,7 +303,7 @@ schema_registry_initialize() { schema_registry_conf_set "kafkastore.sasl.jaas.config" "$aux_string" fi - if [[ "$brokers_auth_protocol" =~ SSL ]]; then + if [[ "$brokers_auth_protocol" =~ SSL ]] && [[ -v "$SCHEMA_REGISTRY_CERTS_DIR" ]]; then schema_registry_conf_set "kafkastore.ssl.keystore.location" "${SCHEMA_REGISTRY_CERTS_DIR}/schema-registry.keystore.jks" [[ -n "$SCHEMA_REGISTRY_KAFKA_KEYSTORE_PASSWORD" ]] && schema_registry_conf_set "kafkastore.ssl.keystore.password" "$SCHEMA_REGISTRY_KAFKA_KEYSTORE_PASSWORD" schema_registry_conf_set "kafkastore.ssl.truststore.location" "${SCHEMA_REGISTRY_CERTS_DIR}/schema-registry.truststore.jks"