Using SSL Without a Scheduler

You can also configure Vertica to interact with Kafka without using a scheduler. In this case, Kafka integration requires user-defined extensions (UDXs) that do not have access to global Vertica configuration parameters. As a result, you must load your SSL Certificates as session parameters.

  1. Configure your MaxSessionUDParameterSize to a value larger than the length of your certificate chain.
    ALTER SESSION SET MaxSessionUDParameterSize=100000
  2. Provide certificate, key, and password information to your session. Vertica does not log parameters that end in _secret. For more information on these parameters, refer to User-Defined Session Parameters.
    => ALTER SESSION SET UDPARAMETER kafka_SSL_Certificate='<client.crt contents>';
    ALTER SESSION SET UDPARAMETER kafka_SSL_PrivateKey_secret='<client.key contents>';
    ALTER SESSION SET UDPARAMETER kafka_SSL_PrivateKeyPassword_secret='<password, if applicable>';
    ALTER SESSION SET UDPARAMETER kafka_SSL_CA='<ca.crt contents>';			
  3. Enable SSL authentication for your session.
    => ALTER SESSION SET kafka_Enable_SSL=1;
    

    You can now run COPY commands with SSL authentication.