StreamNative Platform supports enabling TLS with AWS Certificate Manager (ACM). When you want to perform TLS termination at the load balancer, you can use certificates with ACM. ACM handles the complexity of creating, storing, and renewing public and private SSL/TLS X.509 certificates and keys that protect your AWS websites and applications.
After terminating TLS, the load balancer forwards traffic to the backend service over TCP.

| Port | Domain name |
| --- | --- |
| 6651/443 | data.pulsar.example.local |
| 443 | admin.pulsar.example.local |
| 9093 | messaging.pulsar.example.local |

Enabling TLS with ACM is not applicable to KoP, because KoP relies on TLS Server Name Indication (SNI) to route traffic, which requires TLS to be terminated on the broker side rather than at the load balancer.
To use certificates with ACM, complete the following steps.
1. Request a public certificate from ACM for the following domain names, and get the Amazon Resource Names (ARNs) for the certificate.
2. In the YAML file, enable domain, configure the annotations, and use the ARN obtained above as shown.
3. Apply the changes by restarting the Pulsar proxy.
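
For orientation, the manifest below shows how ACM termination is usually expressed on a plain Kubernetes `Service` using the standard AWS load balancer annotations. It is an added example, not the StreamNative Platform values file or anything the chart generates; the service name, selector labels, target ports and TLS policy are assumptions, and the ARN is a placeholder.

```yaml
# Added illustration: a generic Kubernetes Service, not StreamNative's own YAML.
# Name, labels, target ports and policy are assumptions chosen for the example.
apiVersion: v1
kind: Service
metadata:
  name: pulsar-proxy-lb                     # hypothetical name
  annotations:
    # ARN returned by ACM for the requested certificate (placeholder value).
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "<ACM_CERTIFICATE_ARN>"
    # Only these listeners terminate TLS at the load balancer.
    # 9093 (KoP) is left out: KoP needs SNI, so TLS ends on the broker.
    service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443,6651"
    # After termination, traffic is forwarded to the backend as plain TCP,
    # so the hop from load balancer to proxy is unencrypted inside the VPC.
    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "tcp"
    # Pin a policy that refuses TLS versions below 1.2 (assumed choice).
    service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy: "ELBSecurityPolicy-TLS-1-2-2017-01"
spec:
  type: LoadBalancer
  selector:                                 # hypothetical labels
    app: pulsar
    component: proxy
  ports:
    - name: https                           # admin.pulsar.example.local
      port: 443
      targetPort: 8080                      # assumed plaintext HTTP port on the proxy
    - name: pulsar-tls                      # data.pulsar.example.local
      port: 6651
      targetPort: 6650                      # assumed plaintext binary port on the proxy
```

Because the backend hop is plain TCP, restrict the proxy's security group or network policy so that only the load balancer can reach the target ports.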