diff options
| author | Vincent Bernat <vincent@bernat.im> | 2016-05-19 16:19:34 +0200 |
|---|---|---|
| committer | Dana Powers <dana.powers@gmail.com> | 2016-05-19 07:19:34 -0700 |
| commit | 92f859d8da5c3f35ab3738ef2725fff05b6cf57f (patch) | |
| tree | cc764c63116ed56fcb650dc21fc84aec66dd0151 /kafka/producer/kafka.py | |
| parent | 254dcacb28f66c8426fb8ff161b88e2feb4c486a (diff) | |
| download | kafka-python-92f859d8da5c3f35ab3738ef2725fff05b6cf57f.tar.gz | |
Add CRL support to SSL support (#683)
A user can provide a CRL whose peer certificate will be checked
against. This only works with Python 3.4+ and Python 2.7.9+.
Diffstat (limited to 'kafka/producer/kafka.py')
| -rw-r--r-- | kafka/producer/kafka.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/kafka/producer/kafka.py b/kafka/producer/kafka.py index 6d2c816..7e8f625 100644 --- a/kafka/producer/kafka.py +++ b/kafka/producer/kafka.py @@ -207,6 +207,11 @@ class KafkaProducer(object): establish the certificate's authenticity. default: none. ssl_keyfile (str): optional filename containing the client private key. default: none. + ssl_crlfile (str): optional filename containing the CRL to check for + certificate expiration. By default, no CRL check is done. When + providing a file, only the leaf certificate will be checked against + this CRL. The CRL can only be checked with Python 3.4+ or 2.7.9+. + default: none. api_version (str): specify which kafka API version to use. If set to 'auto', will attempt to infer the broker version by probing various APIs. Default: auto @@ -243,6 +248,7 @@ class KafkaProducer(object): 'ssl_cafile': None, 'ssl_certfile': None, 'ssl_keyfile': None, + 'ssl_crlfile': None, 'api_version': 'auto', } |