Search code examples

Kafka Configuration class in Spring Boot not finding keystore or truststore

I'm setting up a Kafka consumer configuration and the configuration cannot find the keystore or truststore on the classpath:

public class KafkaConfig {

    private String keyStorePath;
    private String trustStorePath;

    public ConsumerFactory<String, String> getConsumerFactory() {

        Map<String, Object> properties = new HashMap<>();
        properties.put(ConsumerConfig.KEY_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class);
        properties.put(ConsumerConfig.VALUE_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class);
        properties.put(ConsumerConfig.GROUP_ID_CONFIG, "group1");
        properties.put(ConsumerConfig.CLIENT_ID_CONFIG, "client1");
        properties.put("", "true");
        properties.put("", "500");
        properties.put("", "30000");
        properties.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "SSL");
        properties.put(SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG, keyStorePath);
        properties.put(SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG, "password");
        properties.put(SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG, trustStorePath);
        properties.put(SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG, "password");
        properties.put(SslConfigs.SSL_KEY_PASSWORD_CONFIG, "password");

        return new DefaultKafkaConsumerFactory<>(properties);

    public ConcurrentKafkaListenerContainerFactory<String, String> kafkaListenerContainerFactory() {
        ConcurrentKafkaListenerContainerFactory<String, String> factory
                = new ConcurrentKafkaListenerContainerFactory<>();
        return factory;

The keystore and truststore are both located in the directory src/main/resources/ssl in the same maven module as the configuration class.

I set up the placeholders in the application.yml as follows:

    keystore: classpath:ssl/kafka-keystore.jks
    truststore: classpath:ssl/kafka-truststore.jks

However, the application fails to start with the following exception:

"org.apache.kafka.common.KafkaException: classpath:ssl/kafka-keystore.jks (No such file or directory)"

My understanding is that using @Value enables the use of the classpath: prefix to resolve the classpath (see this link)

Moreover, the @Value technique works just fine to resolve the keystores and truststores for the reactive WebClient configuration in the same application.

What do I need to do to resolve the classpath for the Kafka configuration? Am I missing something here?


  • Your injecting into a String which is going to keep the "classpath:" within the String value and provide it as a property to DefaultKafkaConsumerFactory, try injecting into a spring Resource like:

    Resource resourceFile;

    Then you can access the file and you could get the absolute path like:


    The idea being you could provide the absolute path to DefaultKafkaConsumerFactory

    But you could also try removing the "classpath:" and inject as String like your current code which might work depending on how DefaultKafkaConsumerFactory treats that property. But I can't see why absolute path above wouldn't work.