generated from camel.apache.org/component
2
Home
gitea_admin edited this page 2026-03-11 14:40:14 +00:00
Table of Contents
Kafka
Sent and receive messages to/from an Apache Kafka broker.
Metadata
| Property | Value |
|---|---|
| Scheme | kafka |
| Support Level | Stable |
| Labels | messaging |
| Version | 4.10.2 |
Maven Dependency
<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-kafka</artifactId>
<version>4.10.2</version>
</dependency>
Endpoint Properties
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
topic |
string | ✓ | Name of the topic to use. On the consumer you can use comma to separate multiple topics. A producer can only send a message to a single topic. | |
additionalProperties |
object | Sets additional properties for either kafka consumer or kafka producer in case they can't be set directly on the camel configurations (e.g.: new Kafka properties that are not reflected yet in Camel configurations), the properties have to be prefixed with additionalProperties.., e.g.: additionalProperties.transactional.id=12345&additionalProperties.schema.registry.url=http://localhost:8811/avro. If the properties are set in the application.properties file, they must be prefixed with camel.component.kafka.additional-properties and the property enclosed in square brackets, like this example: camel.component.kafka.additional-propertiesdelivery.timeout.ms=15000. | ||
brokers |
string | URL of the Kafka brokers to use. The format is host1:port1,host2:port2, and the list can be a subset of brokers or a VIP pointing to a subset of brokers. This option is known as bootstrap.servers in the Kafka documentation. | ||
clientId |
string | The client id is a user-specified string sent in each request to help trace calls. It should logically identify the application making the request. | ||
headerFilterStrategy |
object | To use a custom HeaderFilterStrategy to filter header to and from Camel message. | ||
reconnectBackoffMaxMs |
integer | 1000 |
The maximum amount of time in milliseconds to wait when reconnecting to a broker that has repeatedly failed to connect. If provided, the backoff per host will increase exponentially for each consecutive connection failure, up to this maximum. After calculating the backoff increase, 20% random jitter is added to avoid connection storms. | |
retryBackoffMaxMs |
integer | 1000 |
The maximum amount of time in milliseconds to wait when retrying a request to the broker that has repeatedly failed. If provided, the backoff per client will increase exponentially for each failed request, up to this maximum. To prevent all clients from being synchronized upon retry, a randomized jitter with a factor of 0.2 will be applied to the backoff, resulting in the backoff falling within a range between 20% below and 20% above the computed value. If retry.backoff.ms is set to be higher than retry.backoff.max.ms, then retry.backoff.max.ms will be used as a constant backoff from the beginning without any exponential increase | |
retryBackoffMs |
integer | 100 |
The amount of time to wait before attempting to retry a failed request to a given topic partition. This avoids repeatedly sending requests in a tight loop under some failure scenarios. This value is the initial backoff value and will increase exponentially for each failed request, up to the retry.backoff.max.ms value. | |
shutdownTimeout |
integer | 30000 |
Timeout in milliseconds to wait gracefully for the consumer or producer to shut down and terminate its worker threads. | |
allowManualCommit |
boolean | false |
Whether to allow doing manual commits via KafkaManualCommit. If this option is enabled then an instance of KafkaManualCommit is stored on the Exchange message header, which allows end users to access this API and perform manual offset commits via the Kafka consumer. | |
autoCommitEnable |
boolean | true |
If true, periodically commit to ZooKeeper the offset of messages already fetched by the consumer. This committed offset will be used when the process fails as the position from which the new consumer will begin. | |
autoCommitIntervalMs |
integer | 5000 |
The frequency in ms that the consumer offsets are committed to zookeeper. | |
autoOffsetReset |
string | latest |
What to do when there is no initial offset in ZooKeeper or if an offset is out of range: earliest : automatically reset the offset to the earliest offset latest: automatically reset the offset to the latest offset fail: throw exception to the consumer | |
batching |
boolean | false |
Whether to use batching for processing or streaming. The default is false, which uses streaming. In streaming mode, then a single kafka record is processed per Camel exchange in the message body. In batching mode, then Camel groups many kafka records together as a List objects in the message body. The option maxPollRecords is used to define the number of records to group together in batching mode. | |
batchingIntervalMs |
integer | In consumer batching mode, then this option is specifying a time in millis, to trigger batch completion eager when the current batch size has not reached the maximum size defined by maxPollRecords. Notice the trigger is not exact at the given interval, as this can only happen between kafka polls (see pollTimeoutMs option). So for example setting this to 10000, then the trigger happens in the interval 10000 pollTimeoutMs. The default value for pollTimeoutMs is 5000, so this would mean a trigger interval at about every 15 seconds. | ||
breakOnFirstError |
boolean | false |
This options controls what happens when a consumer is processing an exchange and it fails. If the option is false then the consumer continues to the next message and processes it. If the option is true then the consumer breaks out. Using the default NoopCommitManager will cause the consumer to not commit the offset so that the message is re-attempted. The consumer should use the KafkaManualCommit to determine the best way to handle the message. Using either the SyncCommitManager or the AsyncCommitManager, the consumer will seek back to the offset of the message that caused a failure, and then re-attempt to process this message. However, this can lead to endless processing of the same message if it's bound to fail every time, e.g., a poison message. Therefore, it's recommended to deal with that, for example, by using Camel's error handler. | |
checkCrcs |
boolean | true |
Automatically check the CRC32 of the records consumed. This ensures no on-the-wire or on-disk corruption to the messages occurred. This check adds some overhead, so it may be disabled in cases seeking extreme performance. | |
commitTimeoutMs |
duration | 5000 |
The maximum time, in milliseconds, that the code will wait for a synchronous commit to complete | |
consumerRequestTimeoutMs |
integer | 30000 |
The configuration controls the maximum amount of time the client will wait for the response of a request. If the response is not received before the timeout elapsed, the client will resend the request if necessary or fail the request if retries are exhausted. | |
consumersCount |
integer | 1 |
The number of consumers that connect to kafka server. Each consumer is run on a separate thread that retrieves and process the incoming data. | |
fetchMaxBytes |
integer | 52428800 |
The maximum amount of data the server should return for a fetch request. This is not an absolute maximum, if the first message in the first non-empty partition of the fetch is larger than this value, the message will still be returned to ensure that the consumer can make progress. The maximum message size accepted by the broker is defined via message.max.bytes (broker config) or max.message.bytes (topic config). Note that the consumer performs multiple fetches in parallel. | |
fetchMinBytes |
integer | 1 |
The minimum amount of data the server should return for a fetch request. If insufficient data is available, the request will wait for that much data to accumulate before answering the request. | |
fetchWaitMaxMs |
integer | 500 |
The maximum amount of time the server will block before answering the fetch request if there isn't enough data to immediately satisfy fetch.min.bytes | |
groupId |
string | A string that uniquely identifies the group of consumer processes to which this consumer belongs. By setting the same group id, multiple processes can indicate that they are all part of the same consumer group. This option is required for consumers. | ||
groupInstanceId |
string | A unique identifier of the consumer instance provided by the end user. Only non-empty strings are permitted. If set, the consumer is treated as a static member, which means that only one instance with this ID is allowed in the consumer group at any time. This can be used in combination with a larger session timeout to avoid group rebalances caused by transient unavailability (e.g., process restarts). If not set, the consumer will join the group as a dynamic member, which is the traditional behavior. | ||
headerDeserializer |
object | To use a custom KafkaHeaderDeserializer to deserialize kafka headers values | ||
heartbeatIntervalMs |
integer | 3000 |
The expected time between heartbeats to the consumer coordinator when using Kafka's group management facilities. Heartbeats are used to ensure that the consumer's session stays active and to facilitate rebalancing when new consumers join or leave the group. The value must be set lower than session.timeout.ms, but typically should be set no higher than 1/3 of that value. It can be adjusted even lower to control the expected time for normal rebalances. | |
keyDeserializer |
string | org.apache.kafka.common.serialization.StringDeserializer |
Deserializer class for the key that implements the Deserializer interface. | |
maxPartitionFetchBytes |
integer | 1048576 |
The maximum amount of data per-partition the server will return. The maximum total memory used for a request will be #partitions max.partition.fetch.bytes. This size must be at least as large as the maximum message size the server allows or else it is possible for the producer to send messages larger than the consumer can fetch. If that happens, the consumer can get stuck trying to fetch a large message on a certain partition. | |
maxPollIntervalMs |
duration | The maximum delay between invocations of poll() when using consumer group management. This places an upper bound on the amount of time that the consumer can be idle before fetching more records. If poll() is not called before expiration of this timeout, then the consumer is considered failed, and the group will re-balance to reassign the partitions to another member. | ||
maxPollRecords |
integer | 500 |
The maximum number of records returned in a single call to poll() | |
offsetRepository |
object | The offset repository to use to locally store the offset of each partition of the topic. Defining one will disable the autocommit. | ||
partitionAssignor |
string | org.apache.kafka.clients.consumer.RangeAssignor |
The class name of the partition assignment strategy that the client will use to distribute partition ownership amongst consumer instances when group management is used | |
pollOnError |
object | ERROR_HANDLER |
What to do if kafka threw an exception while polling for new messages. Will by default use the value from the component configuration unless an explicit value has been configured on the endpoint level. DISCARD will discard the message and continue to poll the next message. ERROR_HANDLER will use Camel's error handler to process the exception, and afterwards continue to poll the next message. RECONNECT will re-connect the consumer and try polling the message again. RETRY will let the consumer retry poll the same message again. STOP will stop the consumer (it has to be manually started/restarted if the consumer should be able to consume messages again) | |
pollTimeoutMs |
duration | 5000 |
The timeout used when polling the KafkaConsumer. | |
preValidateHostAndPort |
boolean | true |
Whether to eager validate that broker host:port is valid and can be DNS resolved to known host during starting this consumer. If the validation fails, then an exception is thrown, which makes Camel fail fast. Disabling this will postpone the validation after the consumer is started, and Camel will keep re-connecting in case of validation or DNS resolution error. | |
seekTo |
object | Set if KafkaConsumer should read from the beginning or the end on startup: SeekPolicy.BEGINNING: read from the beginning. SeekPolicy.END: read from the end. | ||
sessionTimeoutMs |
integer | 45000 |
The timeout used to detect failures when using Kafka's group management facilities. | |
specificAvroReader |
boolean | false |
This enables the use of a specific Avro reader for use with the in multiple Schema registries documentation with Avro Deserializers implementation. This option is only available externally (not standard Apache Kafka) | |
topicIsPattern |
boolean | false |
Whether the topic is a pattern (regular expression). This can be used to subscribe to dynamic number of topics matching the pattern. | |
valueDeserializer |
string | org.apache.kafka.common.serialization.StringDeserializer |
Deserializer class for value that implements the Deserializer interface. | |
bridgeErrorHandler |
boolean | false |
Allows for bridging the consumer to the Camel routing Error Handler, which mean any exceptions (if possible) occurred while the Camel consumer is trying to pickup incoming messages, or the likes, will now be processed as a message and handled by the routing Error Handler. Important: This is only possible if the 3rd party component allows Camel to be alerted if an exception was thrown. Some components handle this internally only, and therefore bridgeErrorHandler is not possible. In other situations we may improve the Camel component to hook into the 3rd party component and make this possible for future releases. By default the consumer will use the org.apache.camel.spi.ExceptionHandler to deal with exceptions, that will be logged at WARN or ERROR level and ignored. | |
exceptionHandler |
object | To let the consumer use a custom ExceptionHandler. Notice if the option bridgeErrorHandler is enabled then this option is not in use. By default the consumer will deal with exceptions, that will be logged at WARN or ERROR level and ignored. | ||
exchangePattern |
object | Sets the exchange pattern when the consumer creates an exchange. | ||
isolationLevel |
string | read_uncommitted |
Controls how to read messages written transactionally. If set to read_committed, consumer.poll() will only return transactional messages which have been committed. If set to read_uncommitted (the default), consumer.poll() will return all messages, even transactional messages which have been aborted. Non-transactional messages will be returned unconditionally in either mode. Messages will always be returned in offset order. Hence, in read_committed mode, consumer.poll() will only return messages up to the last stable offset (LSO), which is the one less than the offset of the first open transaction. In particular, any messages appearing after messages belonging to ongoing transactions will be withheld until the relevant transaction has been completed. As a result, read_committed consumers will not be able to read up to the high watermark when there are in flight transactions. Further, when in read_committed the seekToEnd method will return the LSO | |
kafkaManualCommitFactory |
object | Factory to use for creating KafkaManualCommit instances. This allows to plugin a custom factory to create custom KafkaManualCommit instances in case special logic is needed when doing manual commits that deviates from the default implementation that comes out of the box. | ||
batchWithIndividualHeaders |
boolean | false |
If this feature is enabled and a single element of a batch is an Exchange or Message, the producer will generate individual kafka header values for it by using the batch Message to determine the values. Normal behavior consists of always using the same header values (which are determined by the parent Exchange which contains the Iterable or Iterator). | |
bufferMemorySize |
integer | 33554432 |
The total bytes of memory the producer can use to buffer records waiting to be sent to the server. If records are sent faster than they can be delivered to the server, the producer will either block or throw an exception based on the preference specified by block.on.buffer.full.This setting should correspond roughly to the total memory the producer will use, but is not a hard bound since not all memory the producer uses is used for buffering. Some additional memory will be used for compression (if compression is enabled) as well as for maintaining in-flight requests. | |
compressionCodec |
string | none |
This parameter allows you to specify the compression codec for all data generated by this producer. Valid values are none, gzip, snappy, lz4 and zstd. | |
connectionMaxIdleMs |
integer | 540000 |
Close idle connections after the number of milliseconds specified by this config. | |
deliveryTimeoutMs |
integer | 120000 |
An upper bound on the time to report success or failure after a call to send() returns. This limits the total time that a record will be delayed prior to sending, the time to await acknowledgement from the broker (if expected), and the time allowed for retriable send failures. | |
enableIdempotence |
boolean | true |
When set to 'true', the producer will ensure that exactly one copy of each message is written in the stream. If 'false', producer retries due to broker failures, etc., may write duplicates of the retried message in the stream. Note that enabling idempotence requires max.in.flight.requests.per.connection to be less than or equal to 5 (with message ordering preserved for any allowable value), retries to be greater than 0, and acks must be 'all'. Idempotence is enabled by default if no conflicting configurations are set. If conflicting configurations are set and idempotence is not explicitly enabled, idempotence is disabled. If idempotence is explicitly enabled and conflicting configurations are set, a ConfigException is thrown. | |
headerSerializer |
object | To use a custom KafkaHeaderSerializer to serialize kafka headers values | ||
key |
string | The record key (or null if no key is specified). If this option has been configured then it take precedence over header KafkaConstants#KEY | ||
keySerializer |
string | org.apache.kafka.common.serialization.StringSerializer |
The serializer class for keys (defaults to the same as for messages if nothing is given). | |
lingerMs |
integer | 0 |
The producer groups together any records that arrive in between request transmissions into a single, batched, request. Normally, this occurs only under load when records arrive faster than they can be sent out. However, in some circumstances, the client may want to reduce the number of requests even under a moderate load. This setting achieves this by adding a small amount of artificial delay. That is, rather than immediately sending out a record, the producer will wait for up to the given delay to allow other records to be sent so that they can be batched together. This can be thought of as analogous to Nagle's algorithm in TCP. This setting gives the upper bound on the delay for batching: once we get batch.size worth of records for a partition, it will be sent immediately regardless of this setting, however, if we have fewer than this many bytes accumulated for this partition, we will 'linger' for the specified time waiting for more records to show up. This setting defaults to 0 (i.e., no delay). Setting linger.ms=5, for example, would have the effect of reducing the number of requests sent but would add up to 5ms of latency to records sent in the absence of load. | |
maxBlockMs |
integer | 60000 |
The configuration controls how long the KafkaProducer's send(), partitionsFor(), initTransactions(), sendOffsetsToTransaction(), commitTransaction() and abortTransaction() methods will block. For send() this timeout bounds the total time waiting for both metadata fetch and buffer allocation (blocking in the user-supplied serializers or partitioner is not counted against this timeout). For partitionsFor() this time out bounds the time spent waiting for metadata if it is unavailable. The transaction-related methods always block, but may time out if the transaction coordinator could not be discovered or did not respond within the timeout. | |
maxInFlightRequest |
integer | 5 |
The maximum number of unacknowledged requests the client will send on a single connection before blocking. Note that if this setting is set to be greater than 1 and there are failed sends, there is a risk of message re-ordering due to retries (i.e., if retries are enabled). | |
maxRequestSize |
integer | 1048576 |
The maximum size of a request. This is also effectively a cap on the maximum record size. Note that the server has its own cap on record size which may be different from this. This setting will limit the number of record batches the producer will send in a single request to avoid sending huge requests. | |
metadataMaxAgeMs |
integer | 300000 |
The period of time in milliseconds after which we force a refresh of metadata even if we haven't seen any partition leadership changes to proactively discover any new brokers or partitions. | |
metricReporters |
string | A list of classes to use as metrics reporters. Implementing the MetricReporter interface allows plugging in classes that will be notified of new metric creation. The JmxReporter is always included to register JMX statistics. | ||
metricsSampleWindowMs |
integer | 30000 |
The window of time a metrics sample is computed over. | |
noOfMetricsSample |
integer | 2 |
The number of samples maintained to compute metrics. | |
partitioner |
string | The partitioner class for partitioning messages amongst sub-topics. The default partitioner is based on the hash of the key. | ||
partitionerIgnoreKeys |
boolean | false |
Whether the message keys should be ignored when computing the partition. This setting has effect only when partitioner is not set | |
partitionKey |
integer | The partition to which the record will be sent (or null if no partition was specified). If this option has been configured then it take precedence over header KafkaConstants#PARTITION_KEY | ||
producerBatchSize |
integer | 16384 |
The producer will attempt to batch records together into fewer requests whenever multiple records are being sent to the same partition. This helps performance on both the client and the server. This configuration controls the default batch size in bytes. No attempt will be made to batch records larger than this size. Requests sent to brokers will contain multiple batches, one for each partition with data available to be sent. A small batch size will make batching less common and may reduce throughput (a batch size of zero will disable batching entirely). A very large batch size may use memory a bit more wastefully as we will always allocate a buffer of the specified batch size in anticipation of additional records. | |
queueBufferingMaxMessages |
integer | 10000 |
The maximum number of unsent messages that can be queued up the producer when using async mode before either the producer must be blocked or data must be dropped. | |
receiveBufferBytes |
integer | 65536 |
The size of the TCP receive buffer (SO_RCVBUF) to use when reading data. | |
reconnectBackoffMs |
integer | 50 |
The amount of time to wait before attempting to reconnect to a given host. This avoids repeatedly connecting to a host in a tight loop. This backoff applies to all requests sent by the consumer to the broker. | |
requestRequiredAcks |
string | all |
The number of acknowledgments the producer requires the leader to have received before considering a request complete. This controls the durability of records that are sent. The following settings are allowed: acks=0 If set to zero, then the producer will not wait for any acknowledgment from the server at all. The record will be immediately added to the socket buffer and considered sent. No guarantee can be made that the server has received the record in this case, and the retry configuration will not take effect (as the client won't generally know of any failures). The offset given back for each record will always be set to -1. acks=1 This will mean the leader will write the record to its local log but will respond without awaiting full acknowledgment from all followers. In this case should the leader fail immediately after acknowledging the record, but before the followers have replicated it, then the record will be lost. acks=all This means the leader will wait for the full set of in-sync replicas to acknowledge the record. This guarantees that the record will not be lost as long as at least one in-sync replica remains alive. This is the strongest available guarantee. This is equivalent to the acks=-1 setting. Note that enabling idempotence requires this config value to be 'all'. If conflicting configurations are set and idempotence is not explicitly enabled, idempotence is disabled. | |
requestTimeoutMs |
integer | 30000 |
The amount of time the broker will wait trying to meet the request.required.acks requirement before sending back an error to the client. | |
retries |
integer | Setting a value greater than zero will cause the client to resend any record that has failed to be sent due to a potentially transient error. Note that this retry is no different from if the client re-sending the record upon receiving the error. Produce requests will be failed before the number of retries has been exhausted if the timeout configured by delivery.timeout.ms expires first before successful acknowledgement. Users should generally prefer to leave this config unset and instead use delivery.timeout.ms to control retry behavior. Enabling idempotence requires this config value to be greater than 0. If conflicting configurations are set and idempotence is not explicitly enabled, idempotence is disabled. Allowing retries while setting enable.idempotence to false and max.in.flight.requests.per.connection to 1 will potentially change the ordering of records, because if two batches are sent to a single partition, and the first fails and is retried but the second succeeds; then the records in the second batch may appear first. | ||
sendBufferBytes |
integer | 131072 |
Socket write buffer size | |
useIterator |
boolean | true |
Sets whether sending to kafka should send the message body as a single record, or use a java.util.Iterator to send multiple records to kafka (if the message body can be iterated). | |
valueSerializer |
string | org.apache.kafka.common.serialization.StringSerializer |
The serializer class for messages. | |
workerPool |
object | To use a custom worker pool for continue routing Exchange after kafka server has acknowledged the message that was sent to it from KafkaProducer using asynchronous non-blocking processing. If using this option, then you must handle the lifecycle of the thread pool to shut the pool down when no longer needed. | ||
workerPoolCoreSize |
integer | 10 |
Number of core threads for the worker pool for continue routing Exchange after kafka server has acknowledged the message that was sent to it from KafkaProducer using asynchronous non-blocking processing. | |
workerPoolMaxSize |
integer | 20 |
Maximum number of threads for the worker pool for continue routing Exchange after kafka server has acknowledged the message that was sent to it from KafkaProducer using asynchronous non-blocking processing. | |
lazyStartProducer |
boolean | false |
Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel's routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing. | |
recordMetadata |
boolean | false |
Whether the producer should store the RecordMetadata results from sending to Kafka. The results are stored in a List containing the RecordMetadata metadata's. The list is stored on a header with the key KafkaConstants#KAFKA_RECORDMETA | |
kafkaClientFactory |
object | Factory to use for creating org.apache.kafka.clients.consumer.KafkaConsumer and org.apache.kafka.clients.producer.KafkaProducer instances. This allows to configure a custom factory to create instances with logic that extends the vanilla Kafka clients. | ||
synchronous |
boolean | false |
Sets whether synchronous processing should be strictly used | |
interceptorClasses |
string | Sets interceptors for producer or consumers. Producer interceptors have to be classes implementing org.apache.kafka.clients.producer.ProducerInterceptor Consumer interceptors have to be classes implementing org.apache.kafka.clients.consumer.ConsumerInterceptor Note that if you use Producer interceptor on a consumer it will throw a class cast exception in runtime | ||
schemaRegistryURL |
string | URL of the schema registry servers to use. The format is host1:port1,host2:port2. This is known as schema.registry.url in multiple Schema registries documentation. This option is only available externally (not standard Apache Kafka) | ||
kerberosBeforeReloginMinTime |
integer | 60000 |
Login thread sleep time between refresh attempts. | |
kerberosConfigLocation |
string | Location of the kerberos config file. | ||
kerberosInitCmd |
string | /usr/bin/kinit |
Kerberos kinit command path. Default is /usr/bin/kinit | |
kerberosPrincipalToLocalRules |
string | DEFAULT |
A list of rules for mapping from principal names to short names (typically operating system usernames). The rules are evaluated in order, and the first rule that matches a principal name is used to map it to a short name. Any later rules in the list are ignored. By default, principal names of the form {username}/{hostname}{REALM} are mapped to {username}. For more details on the format, please see the Security Authorization and ACLs documentation (at the Apache Kafka project website). Multiple values can be separated by comma | |
kerberosRenewJitter |
number | 0.05 |
Percentage of random jitter added to the renewal time. | |
kerberosRenewWindowFactor |
number | 0.8 |
Login thread will sleep until the specified window factor of time from last refresh to ticket's expiry has been reached, at which time it will try to renew the ticket. | |
saslJaasConfig |
string | Expose the kafka sasl.jaas.config parameter Example: org.apache.kafka.common.security.plain.PlainLoginModule required username=USERNAME password=PASSWORD; | ||
saslKerberosServiceName |
string | The Kerberos principal name that Kafka runs as. This can be defined either in Kafka's JAAS config or in Kafka's config. | ||
saslMechanism |
string | GSSAPI |
The Simple Authentication and Security Layer (SASL) Mechanism used. For the valid values see http://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xhtml | |
securityProtocol |
string | PLAINTEXT |
Protocol used to communicate with brokers. SASL_PLAINTEXT, PLAINTEXT, SASL_SSL and SSL are supported | |
sslCipherSuites |
string | A list of cipher suites. This is a named combination of authentication, encryption, MAC and key exchange algorithm used to negotiate the security settings for a network connection using TLS or SSL network protocol. By default, all the available cipher suites are supported. | ||
sslContextParameters |
object | SSL configuration using a Camel SSLContextParameters object. If configured, it's applied before the other SSL endpoint parameters. NOTE: Kafka only supports loading keystore from file locations, so prefix the location with file: in the KeyStoreParameters.resource option. | ||
sslEnabledProtocols |
string | The list of protocols enabled for SSL connections. The default is TLSv1.2,TLSv1.3 when running with Java 11 or newer, TLSv1.2 otherwise. With the default value for Java 11, clients and servers will prefer TLSv1.3 if both support it and fallback to TLSv1.2 otherwise (assuming both support at least TLSv1.2). This default should be fine for most cases. Also see the config documentation for SslProtocol. | ||
sslEndpointAlgorithm |
string | https |
The endpoint identification algorithm to validate server hostname using server certificate. Use none or false to disable server hostname verification. | |
sslKeymanagerAlgorithm |
string | SunX509 |
The algorithm used by key manager factory for SSL connections. Default value is the key manager factory algorithm configured for the Java Virtual Machine. | |
sslKeyPassword |
string | The password of the private key in the key store file or the PEM key specified in sslKeystoreKey. This is required for clients only if two-way authentication is configured. | ||
sslKeystoreLocation |
string | The location of the key store file. This is optional for the client and can be used for two-way authentication for the client. | ||
sslKeystorePassword |
string | The store password for the key store file. This is optional for the client and only needed if sslKeystoreLocation is configured. Key store password is not supported for PEM format. | ||
sslKeystoreType |
string | JKS |
The file format of the key store file. This is optional for the client. The default value is JKS | |
sslProtocol |
string | The SSL protocol used to generate the SSLContext. The default is TLSv1.3 when running with Java 11 or newer, TLSv1.2 otherwise. This value should be fine for most use cases. Allowed values in recent JVMs are TLSv1.2 and TLSv1.3. TLS, TLSv1.1, SSL, SSLv2 and SSLv3 may be supported in older JVMs, but their usage is discouraged due to known security vulnerabilities. With the default value for this config and sslEnabledProtocols, clients will downgrade to TLSv1.2 if the server does not support TLSv1.3. If this config is set to TLSv1.2, clients will not use TLSv1.3 even if it is one of the values in sslEnabledProtocols and the server only supports TLSv1.3. | ||
sslProvider |
string | The name of the security provider used for SSL connections. Default value is the default security provider of the JVM. | ||
sslTrustmanagerAlgorithm |
string | PKIX |
The algorithm used by trust manager factory for SSL connections. Default value is the trust manager factory algorithm configured for the Java Virtual Machine. | |
sslTruststoreLocation |
string | The location of the trust store file. | ||
sslTruststorePassword |
string | The password for the trust store file. If a password is not set, trust store file configured will still be used, but integrity checking is disabled. Trust store password is not supported for PEM format. | ||
sslTruststoreType |
string | JKS |
The file format of the trust store file. The default value is JKS. |