I am trying to connect to an AWS MSK cluster from an Azure Service. We are using confluent kafka dotnet libraries in the code and also mTLS for the connection as below.
var consumerConfig = new ConsumerConfig
{
GroupId = kafkaConsumerConfiguration.ConsumerConfig.GroupId,
BootstrapServers = kafkaConsumerConfiguration.ConsumerConfig.BootstrapServers,
AutoOffsetReset = AutoOffsetReset.Earliest,
EnableAutoCommit = true,
EnableAutoOffsetStore = false,
SecurityProtocol = SecurityProtocol.Ssl,
EnableSslCertificateVerification = true,
SslCaCertificateStores = "Root,CA,Trust",
SslCertificatePem = kafkaConsumerConfiguration.ConsumerConfig.ConsumerPublicCert,
SslKeyPem = kafkaConsumerConfiguration.ConsumerConfig.ConsumerPrivateCert,
SslKeyPassword = kafkaConsumerConfiguration.ConsumerConfig.PrivateCertPassword
};
As shown, I am providing the client's public and private certificates and also the private certificate password.
But we get the following error when trying to connect.
Private key check failed: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned
Any idea how to figure out what is wrong?
