Configuring OneClick to connect to Kafka via SSL. The connection fails with the following error in $SPECROOT/tomcat/logs/catalina.out:
2025-07-29 11:59:04,652 [Kafka-startup] ERROR org.springframework.kafka.core.KafkaAdmin - Could not create admin
org.apache.kafka.common.KafkaException: Failed to create new KafkaAdminClient
    at org.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:561) ~[kafka-clients-3.9.0.jar:?]
    at org.apache.kafka.clients.admin.Admin.create(Admin.java:147) ~[kafka-clients-3.9.0.jar:?]
    at org.apache.kafka.clients.admin.AdminClient.create(AdminClient.java:49) ~[kafka-clients-3.9.0.jar:?]
    at org.springframework.kafka.core.KafkaAdmin.createAdmin(KafkaAdmin.java:328) ~[spring-kafka-2.9.12.jar:2.9.12]
    at org.springframework.kafka.core.KafkaAdmin.initialize(KafkaAdmin.java:218) ~[spring-kafka-2.9.12.jar:2.9.12]
    at com.broadcom.spectrum.kafka.admin.KafkaTopicConfigurator.init(KafkaTopicConfigurator.java:121) ~[spectrum-kafka-common-22.2.4.0.jar:?]
    at com.broadcom.spectrum.kafka.admin.KafkaUtils.initialize(KafkaUtils.java:100) ~[spectrum-kafka-common-22.2.4.0.jar:?]
    at com.broadcom.spectrum.kafka.admin.HeartbeatManager.start(HeartbeatManager.java:109) ~[spectrum-kafka-common-22.2.4.0.jar:?]
    at com.broadcom.spectrum.kafka.alarm.AlarmProducer.start(AlarmProducer.java:65) ~[spectrum-alarm-producer-22.2.4.0.jar:?]
    at com.ca.im.netqos.integration.kafka.KafkaManager.init(KafkaManager.java:78) ~[netqos.jar:?]
    at com.ca.im.netqos.integration.kafka.KafkaManager.lambda$start$0(KafkaManager.java:181) ~[netqos.jar:?]
Caused by: org.apache.kafka.common.KafkaException: Failed to create new NetworkClient
    at org.apache.kafka.clients.ClientUtils.createNetworkClient(ClientUtils.java:255) ~[kafka-clients-3.9.0.jar:?]
    at org.apache.kafka.clients.ClientUtils.createNetworkClient(ClientUtils.java:190) ~[kafka-clients-3.9.0.jar:?]
    at org.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:545) ~[kafka-clients-3.9.0.jar:?]
Caused by: org.apache.kafka.common.KafkaException: Failed to load SSL keystore /etc/ssl/keystore.pfx of type JKS
The permissions on the keystore file did not allow the user that OneClick Tomcat was running as to access the file.
Updated permissions on the keystore:
chmod 664 /etc/ssl/keystore.pfx
Restarted OneClick Tomcat:
cd $SPECROOT/tomcat/bin/
./stopTomcat.sh
<wait 10-20secs>
./startTomcat.sh
application-spring.properties
spring.kafka.security.protocol=SSL
spring.kafka.ssl.trust-store-location=file:/etc/ssl/keystore.pfx
spring.kafka.ssl.trust-store-password=changeit
spring.kafka.ssl.key-store-location=file:/etc/ssl/keystore.pfx
spring.kafka.ssl.key-store-password=changeit
spring.kafka.ssl.key-password=changeit
spring.kafka.bootstrap-servers=<kafkaServerA>:9092,<kafkaServerB>:9092
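
A way to check, from the keystore's owner, group and mode, whether the account running OneClick Tomcat can read the file, and whether the mode also lets every other local account read it. This is an added example, not part of the original article; the function names, the root:root ownership and the account name spectrum are assumptions, and it relies on GNU stat.

```sh
#!/bin/sh
# Added example, not from the original article. Assumes GNU coreutils stat.
# Models owner/group/other mode bits only: ACLs, SELinux, parent-directory
# permissions and root's bypass are not considered.

# classify MODE OWNER GROUP ACCOUNT "ACCOUNT_GROUPS"
# MODE is octal as printed by `stat -c %a`, e.g. 664.
# Prints one verdict: denied | ok | ok-world-readable
classify() {
    mode=$1 owner=$2 group=$3 acct=$4 agroups=$5
    u=$(( (mode / 100) % 10 )); g=$(( (mode / 10) % 10 )); o=$(( mode % 10 ))
    # The kernel applies exactly one class: owner first, then group, then other.
    if [ "$acct" = "$owner" ]; then
        bits=$u
    else
        case " $agroups " in
            *" $group "*) bits=$g ;;
            *)            bits=$o ;;
        esac
    fi
    if [ $(( bits & 4 )) -eq 0 ]; then
        echo denied              # client fails with "Failed to load SSL keystore"
    elif [ $(( o & 4 )) -ne 0 ]; then
        echo ok-world-readable   # loads, but any local account can read the file
    else
        echo ok
    fi
}

# keystore_access FILE ACCOUNT: the same verdict for a real file and account.
keystore_access() {
    file=$1 acct=$2
    [ -e "$file" ] || { echo missing; return 0; }
    read -r mode owner group <<EOF
$(stat -c '%a %U %G' "$file")
EOF
    classify "$mode" "$owner" "$group" "$acct" "$(id -Gn "$acct")"
}

# Constructed inputs: owner root:root and the account name "spectrum" are
# assumptions; the article does not state them.
classify 600 root root spectrum "spectrum"       # denied
classify 664 root root spectrum "spectrum"       # ok-world-readable
classify 640 root spectrum spectrum "spectrum"   # ok
```

On the OneClick host, keystore_access /etc/ssl/keystore.pfx followed by the Tomcat account name gives the verdict for the real file. A verdict of ok-world-readable can be narrowed to ok by giving the file a group the Tomcat account belongs to and mode 640.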