Aiven utilises TLS (SSL) to secure the traffic between its services and client applications. This means that clients must be configured with the right tools to be able to communicate with Aiven services.
Keystores and truststores are password-protected files that should be easily accessible to the client that interacts with the service. To create these files:
Log in to the Aiven web console and select your service.
On the Overview page:
Click Download next to Access Key and save the
Click Download next to Access Certificate and save the
Click Download next to CA Certificate and save the
Use OpenSSL to create the keystore with the
openssl pkcs12 -export -inkey service.key -in service.cert -out client.keystore.p12 -name service_key
The format has to be
PKCS12, which is the default since Java 9.
keytoolutility to create the truststore with the
ca.pemfile as input:
keytool -import -file ca.pem -alias CA -keystore client.truststore.jks
You can now include the output files in the configuration of client applications.