CloudKarafka SSL certificate renewal

Written by Patrik Ragnarsson

The SSL/TLS certificate, *.srvs.cloudkafka.com, used by shared and dedicated clusters expires at the end of December and needs to be rotated during a scheduled maintenance window on Tuesday, December 15, 2020. The schedule will be as follows:

Start time 2020-12-15 08:00 UTC
End time 2020-12-15 11:00 UTC

During the maintenance window, we will be performing rolling restarts of all Kafka clusters, to load the new certificate.

Heads-up!

The certificate renewal means the top Root CA will change. The new root will be

USERTrust RSA Certification Authority with SHA256 Fingerprint
E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46:C3:D4:CB:D2

If you have configured your Kafka clients to trust our certificate chain explicitly, you need to take action. The new certificate chain is available at www.cloudkarafka.com/docs/faq.html, if you still need to trust it explicitly.

Note: If you are using client SSL certificates for authentication, these are not affected by the certificate renewal.

Updates regarding the certificate rotation will be posted to status.cloudkarafka.com/incidents/yk8m05wtp9ff. To receive notifications, you can subscribe to updates on the status page.

If you have any questions or concerns regarding the upcoming certificate renewal, send an email to support@cloudkarafka.com.

All the best,
The CloudKarafka Team

CloudKarafka - Industry Leading Apache Kafka as a Service