本节介绍分布式消息服务Kafka使用SASL_SSL连接常见问题

1.报错示例：java.security.cert.CertPathValidatorException: Algorithm constraints check failed: SHA256withDS

解决途径：排查jdk是否支持SHA256withDS算法，推荐使用oracle jdk1.8.0_201版本jdk

2.报错示例：Topic authorization failed for topics

解决途径：排查topic是否授权，如果没有则授予对应权限

3. 报错示例：Authentication failed during authentication due to invalid credentials with SASL mechanism SCRAM-SHA-512

解决途径：排查连接kafka的用户密码是否正确

4. 报错示例：java.security.cert.CertificateException: No subject alternative names present

解决途径：配置文件需要配置  ssl.endpoint.identification.algorithm=

5. 报错示例：Keystore was tampered with, or password was incorrect

解决途径：排查 ssl client密码是否错误或者和证书不匹配，可以从实例详情->接入点信息->查看所有IP和端口信息，界面下载对应证书

6.接入配置示例