Should have TLS client certificates auth

[agowdamsft]

Cert based auth is very typical with Kafka especailly when you have func running on a container or on Azure where Kafka clusters are running on VM/Confulent Cloud. Having this support could be important to target production workloads.

[fbeltrao]

Where would such certificates be stored?

• Key Vault when running on service plan?
• Secrets when running in K8s?

[agowdamsft]

KV would be very Azure based appraoch I would like to have that as an option. but any thoughts to have secrets as part of application seetings (SaslUsername & Password) with Client Cert as part of the App as file ? (not sure if we can leverage ssl cert store as this could be only applicable for app service plan- i am guessing) (. More ref here https://github.com/confluentinc/confluent-kafka-dotnet/blob/master/examples/ConfluentCloud/Program.cs

[ryancrawcour]

There is a PR open for this @agowdamsft could you please take a look through #78 and see if you approve.
I would add you as reviewer, but i can't for some reason.
Probably because you're not a member of the team / org or something.

[agowdamsft]

Thanks Ryan I am attached to the Org may not be this project though. Either way I saw the changes https://github.com/Azure/azure-functions-kafka-extension/compare/fbeltrao/basic-auth and they looked good. I did not see a sample/example updated in this PR to view how its usage would be and test it myself (maybe I missed it). Thanks, Amar

[ryancrawcour]

No. I do not believe you missed it. @fbeltrao did open a new issue #77 to go back and add tests, which is likley where the "example" will be. Will merge this for now, and if you find an issue after you've tried it yourself, or after the tests are published, we can always reopen the issue.

Thanks.