Configuring Telegraf Kafka input SSL

dilips86 · May 26, 2021, 4:14pm

Hi,
For my docker service (telegraf based) Kafka subscriber,
I have the root CAs published by AWS for tls_ca and have used AWS ACM_PCA signed client cert.pem and client privatekey.pem.

tls_ca = “AWSpublicCAroot.pem”
tls_cert = “signed-pca-cert.pem”
tls_key = “client-private-key.pem”

Error I get
2021-05-26T15:45:05Z E! [telegraf] Error running agent: could not initialize input inputs.kafka_consumer: could not load keypair /etc/telegraf/signed-pca-cert.pem:/etc/telegraf/client-private-key.pem: tls: failed to parse private key

But I do have generated my signed cert and key with a client password.
So is there way to set client password for TLS_config for properly loading the client key and parse it.

sspaink · June 10, 2021, 8:43pm

Looks there was a similar issue reported here: https://github.com/influxdata/telegraf/pull/2487#issuecomment-304098678 and that is most likely had something to do with the private key itself. Just to clarify, are you having an issue with the private-key.pem because it is encrypted with another password and you are looking for a way to pass that to Telegraf?

Are you using the latest version of Telegraf as well?

Topic		Replies	Views
Telegraf Kafka output SSL questions Telegraf telegraf	4	3280	January 30, 2018
Telegraf TLS Client Authentication in Influxdb output Telegraf influxdb , telegraf	4	3813	November 7, 2017
Configuring Telegraf Kafka output SSL Telegraf telegraf	2	1836	May 26, 2021
Can't run telegraf on AWS EC2 ( Amazon Linux ) telegraf	2	822	June 22, 2021
Error from broker when executing telegraf --config /etc/telegraf/telegraf.conf Telegraf telegraf , kafka	1	1506	February 19, 2021

Configuring Telegraf Kafka input SSL

Related topics