Uploading user-provided certificates

Search…
In order to successfully connect to Kafka or other third parties, you may need to upload your self-signed certificates to our servers by running a patch HTTP request for each cluster you wish to use with your connection.
How to upload files
The following is an example of how to upload your keystore and truststore files to connect to Kafka, but it can be easily adjusted to upload other files as well.
Step 1
First run this request for the API server:
1
echo {} | jq '{ clazz: "ModifyServerFiles", serverFiles: [ { name: "kafka.client.keystore.jks", "path": "/opt/kafka.client.keystore.jks", "content": $file1 }, { name: "kafka.client.truststore.jks", "path": "/opt/kafka.client.truststore.jks", "content": $file2 } ]  }' --arg file1 $(cat /<FILE_PATH>/kafka.client.keystore.jks | base64) --arg file2 $(cat /<FILE_PATH>/kafka.client.truststore.jks | base64) |
2
http PATCH "https://api.upsolver.com/environments/<API_SERVER_ID>/" "Authorization: <API_TOKEN>" "x-user-organization: <ORG_ID>"
Copied!
Then run this request for the cluster you wish to upload the files to:
1
echo {} | jq '{ clazz: "ModifyServerFiles", serverFiles: [ { name: "kafka.client.keystore.jks", "path": "/opt/kafka.client.keystore.jks", "content": $file1 }, { name: "kafka.client.truststore.jks", "path": "/opt/kafka.client.truststore.jks", "content": $file2 } ]  }' --arg file1 $(cat /<FILE_PATH>/kafka.client.keystore.jks | base64) --arg file2 $(cat /<FILE_PATH>/kafka.client.truststore.jks | base64) |
2
http PATCH "https://api.upsolver.com/environments/<CLUSTER_ID>/" "Authorization: <API_TOKEN>" "x-user-organization: <ORG_ID>"
Copied!
Note that the two requests only differ in the IDs provided within the URLs for each request.
The first line of the request creates a JSON array serverFiles which contains the path and content of the file you are uploading.
The path referenced within the array itself is the path the file is written to within the server; it is also the path that should be provided when using this file to establish a connection.
The content of the file is passed through with as an argument with --arg. Here <FILE_PATH> represents the path to the file you are uploading as it is stored on your local computer.
This example uploads two files to the server, but the serverFiles array elements can be adjusted to upload either one or more files.
However, note that running this request overrides any files that may have been uploaded previously.
Finally, you should also provide your <API_SERVER_ID> and <CLUSTER_ID>, as well as your<API_TOKEN> and your <ORG_ID>.
To learn how to generate an API token, see: Upsolver REST API​
How to find your <API_SERVER_ID>
How to find your <CLUSTER_ID>
How to find your <ORG_ID>
Step 2
Once the certificates have been uploaded, roll the modified cluster to apply the changes.
How to roll a cluster
Step 3
If you followed this example using Kafka, you can now use the following within your consumer properties to create a Kafka connection:
1
security.protocol=SSL
2
ssl.truststore.location=/opt/kafka.client.truststore.jks
3
ssl.keystore.location=/opt/kafka.client.keystore.jks
4
ssl.keystore.password=upsolver
5
ssl.key.password=upsolver
Copied!
Cluster properties
Next - Administration
Python UDF
Last modified 21d ago
Copy link
Contents