Store SSL Certificates in key vault or secure place and give reference location in Kafka trigger Azure Functions

Question

0

I am developing kafka trigger based azure functions in JAVA where the function uses below configuration for connection:

@KafkaTrigger(name = "kafkatrigger", topic = "kafka.topic", brokerList = "%BrokerList%",
consumerGroup = "default-consumer", protocol = BrokerProtocol.SSL,
sslCertificateLocation = "%sslCertificateLocation%", sslCaLocation = "%sslCaLocation%",
sslKeyLocation = "%sslKeyLocation%", sslKeyPassword = "%keyStorePassword%",
cardinality = Cardinality.ONE, dataType = "string")

So, In above configuration I do not want to upload the client private key, client public key and ca certificate through artifact on the container for security purpose. So, I want to keep the certificates at secure location like key vault, secret management and use their reference location in @KafkaTrigger annotation. How can I achieve that?

Answer 1

@Patil, Nilesh-ZB-XT Our engineering team confirmed that unfortunately adding references to certificate stored in Certificate Stores is not supported for Kafka Extension. Since this is a feature request, we would like to understand more about your requirements and please add a comment in Allow retrieving custom certificates from certificate store thread describing the same. It will really help our product team to track and plan the feature as well as hear others with similar interest.

If you have any questions, feel free to add a comment in the thread. We would be happy to assist you.

Please 'Accept as answer' and ‘Upvote’ if it helped so that it can help others in the community.