Add ability to connect to bookkeeper using tls

[bputt]

Is your feature request related to a problem? Please describe.
I have a bookkeeper cluster that has TLS enabled and need pulsar clients to communicate to my cluster using tls

Describe the solution you'd like
The ability to specify tls settings for my broker to connect to bookkeeper

Describe alternatives you've considered
Using stunnel + iptables to redirect

[sijie]

@bputt just try to clarify your requirement here:

are you looking for "connecting your pulsar clients to brokers via TLS" or "connecting your pulsar broker to bookies via TLS"?

[bputt]

@sijie "connecting your pulsar broker to bookies via TLS"

[sijie]

@bputt gotcha, thank you for clarification.

[joefk]

👍

[one70six]

This functionality would be very useful for running a secure cluster and allowing a separate Pulsar functions cluster to also communicate with BK. Super interested in having that capability.

[jiazhai]

For TLS, It need these configs:
http://bookkeeper.apache.org/docs/latest/security/tls/#configuring-clients

We need add and support these config in BookKeeperClientFactoryImpl, which is similar to bk client config in it.

[david-streamlio]

Any update on this issue? Is there an ETA for this?

[rdhabalia]

@david-streamlio
I think we have added broker to bookie mTLS support with this PR: #5042

https://github.com/apache/pulsar/blob/master/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/ServiceConfiguration.java#L792-L818

Is that you are looking for?

[david-streamlio]

Yes, thank you!!