[Resolved] ERROR : Connection to node failed authentication due to: SSL handshake failed in Kafka | Big Data | Kafka

In this article, we explain how to resolve the error "Connection to node failed authentication due to: SSL handshake failed" in Kafka, and provide a simple solution for this issue.



What is Kafka SSL?

In this scenario, Kafka SSL protects data transferred between brokers and clients, and between brokers and tools. SSL is not enabled by default; we need to configure it manually. It also secures Kafka topic data on its way from producers to consumers.
Here I am trying to configure SSL in a Kafka cluster, and while configuring it I am getting the error below.

Kafka SSL error:

[root@node1 ~]# ./kafka_2.12-2.6.0/bin/kafka-console-producer.sh --topic test --broker-list node1.hadoop.com:9093 --producer.config /root/ssl_client/client.properties
>[2020-12-08 22:32:43,866] ERROR [Producer clientId=console-producer] Connection to node -1 (node1.hadoop.com/192.168.0.117:9093) failed authentication due to: SSL handshake failed (org.apache.kafka.clients.NetworkClient)
[2020-12-08 22:32:43,868] WARN [Producer clientId=console-producer] Bootstrap broker node1.hadoop.com:9093 (id: -1 rack: null) disconnected (org.apache.kafka.clients.NetworkClient)
[2020-12-08 22:32:44,127] ERROR [Producer clientId=console-producer] Connection to node -1 (node1.hadoop.com/192.168.0.117:9093) failed authentication due to: SSL handshake failed (org.apache.kafka.clients.NetworkClient)
[2020-12-08 22:32:44,127] WARN [Producer clientId=console-producer] Bootstrap broker node1.hadoop.com:9093 (id: -1 rack: null) disconnected (org.apache.kafka.clients.NetworkClient)
[2020-12-08 22:32:44,719]

Solution:

Here we provide a simple solution for the Kafka SSL handshake issue in a few steps.




First, check the Kafka server properties file, then edit the configurations below.

Step 1: Open the properties file using the command below:

vi /etc/kafka/server.properties

Step 2: After opening the properties file, add the properties below to the server.properties file.

ssl.endpoint.identification.algorithm=https
ssl.client.auth=none

Once the above settings are configured, restart Zookeeper and the Kafka server.

If the issue is still not resolved, try setting “ssl.endpoint.identification.algorithm” to null or an empty string.

Why change this property in particular? Hostname verification of servers is enabled by default for client connections, and the same default applies to the connections between the Kafka brokers themselves. An empty value turns that verification off.
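A check for the two settings above, as an added example that is not part of the original article: it parses a server.properties fragment and flags a misspelled key, a value other than `https` or empty, and disabled hostname verification. The function names and sample fragments are constructed for illustration, and the accepted-value table is this example's assumption of the documented lowercase spellings.

```python
import difflib

# Accepted values, in their documented lowercase spelling, for the two
# settings this page edits. An empty algorithm turns hostname checks off.
KNOWN = {
    "ssl.endpoint.identification.algorithm": {"https", ""},
    "ssl.client.auth": {"none", "requested", "required"},
}

def parse_properties(text):
    """Parse key=value lines of a .properties file (no continuations)."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def audit(text):
    """Return (key, finding) pairs for the SSL settings covered here."""
    findings = []
    for key, value in parse_properties(text).items():
        if key in KNOWN:
            if value not in KNOWN[key]:
                findings.append((key, f"invalid value {value!r}"))
            elif key.endswith(".algorithm") and value == "":
                findings.append((key, "hostname verification disabled"))
        elif key.startswith("ssl."):
            # A misspelled key is not applied, so the default stays in force.
            near = difflib.get_close_matches(key, list(KNOWN), n=1, cutoff=0.9)
            if near:
                findings.append((key, f"unknown key, did you mean {near[0]}?"))
    return findings

# Constructed sample fragments, not taken from a real cluster.
MISSPELLED = "ssl.endpoint.identification.algortigm=https\nssl.client.auth=none\n"
BAD_VALUE = "ssl.endpoint.identification.algorithm= https://hostname\n"
DISABLED = "ssl.endpoint.identification.algorithm=\nssl.client.auth=none\n"
VERIFYING = "ssl.endpoint.identification.algorithm=https\nssl.client.auth=required\n"

if __name__ == "__main__":
    for name, sample in [("MISSPELLED", MISSPELLED), ("BAD_VALUE", BAD_VALUE),
                         ("DISABLED", DISABLED), ("VERIFYING", VERIFYING)]:
        print(name, audit(sample))
```

Running it against the real file, for example `audit(open("/etc/kafka/server.properties").read())`, before restarting the broker shows whether the edit was actually picked up under the intended key.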

Summary: Why do we normally get this type of error? It is caused by an SSL configuration issue in the Kafka cluster, or in the communication between the Kafka server and the Zookeeper server in the Big Data environment. Here we edited a few simple configurations in the Kafka server.properties file.