Azure function Kafka Trigger and PFX file

Question

Hi we want to use Azure function Kafka Trigger over TLSMA.

Hence referring below Link1 the "sslCertificateLocation" and "sslKeyLocation" are the inputs that I must configure.

Link1: https://learn.microsoft.com/en-us/azure/azure-functions/functions-bindings-kafka-trigger?pivots=programming-language-java&tabs=isolated-process%2Cconfluent

However referring below Link2 azure function exposes .p12 file at location "/var/ssl/private"

Link2: https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code?tabs=linux#load-certificate-in-windows-apps

Is there any way to leverage above settings so that there is no need to store individual private certificate and key for implementing TLSMA connectivity between Azure function Trigger and Kafka cluster?

Answer 1

Hello RK ,

Thanks for reaching out in the Microsoft Q&A!

No, Azure Functions Kafka Trigger currently doesn't support using a single PFX file directly. While Azure Functions can expose the private key from a PFX file in specific scenarios (refer your Link2), Kafka Trigger relies on separate sslCertificateLocation and sslKeyLocation settings.

Here are your options:

Store Individual Certificate and Key: This is the recommended approach for now. You'll need to extract the certificate and key from the PFX file and store them in separate locations accessible to your Azure Function.

Feature Request: Consider submitting a feature request to the Azure Functions team asking for PFX file support with Kafka Trigger. You can use the Azure Functions feedback forum: https://feedback.azure.com/forums/355860-azure-functions/

Please let me know if you have further questions.

If the response helped, do "Accept Answer" and up-vote it to close the thread! Thanks