Kafka SSL handshake failed issue

The server host name verification may be disabled by setting ssl.endpoint.identification.algorithm to an empty string on the client.

Just set ssl.endpoint.identification.algorithm= It can help you.

I.e with an empty value:

ssl.endpoint.identification.algorithm=

For me it is an issue with input given to first name and last name for Keytool

Generally java.security.cert.CertificateException: No name matching localhost found means that the hostname in the certificate does not match the hostname of the server.

There is a great explanation of this error here: CertificateException: No name matching ssl.someUrl.de found

We encounterd the following errors, this might because the upgrade of Kafka's version from 1.x to 2.x.

javax.net.ssl.SSLHandshakeException: General SSLEngine problem ... javax.net.ssl.SSLHandshakeException: General SSLEngine problem ... java.security.cert.CertificateException: No name matching *** found

or

[Producer clientId=producer-1] Connection to node -2 failed authentication due to: SSL handshake failed

The default value for ssl.endpoint.identification.algorithm was changed to https, which performs hostname verification (man-in-the-middle attacks are possible otherwise). Set ssl.endpoint.identification.algorithm to an empty string to restore the previous behaviour. Apache Kafka Notable changes in 2.0.0

Solution: SslConfigs.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG, ""