You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@camel.apache.org by pchakinala <pr...@planetsoft.com> on 2012/02/29 07:00:11 UTC

camel-http4 javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

Hi, 
We are using Servicemix 4.4 and camel 2.8.3 for our implementation.My
usecase flow is below

http client ---> camel-jetty -->camel-http4(ssl client)---> Third party
https service


Configuration : camel-context.xml

<camel:sslContextParameters
      id="sslContextParameters">
    <camel:keyManagers
        keyPassword="password">
      <camel:keyStore
          resource="c://keystore.jks"
          password="password"/>
    </camel:keyManagers>
	 <camel:trustManagers>
      <camel:keyStore
          resource="c://keystore.jks"
          password="password"/>
    </camel:trustManagers>
	
  </camel:sslContextParameters>
   

  <camel:camelContext xmlns="http://camel.apache.org/schema/spring">
      <properties>
           <property key="http.proxyHost" value="192.168.6.26"/>
           <property key="http.proxyPort" value="8080"/>
      </properties>
 
    <route>
 
       <from uri="jetty:http://0.0.0.0:8092/httpTest/"/>
   
     <to
uri=&quot;https4://pdb-services-beta.nipr.com/pdb-xml-reports/entityinfo_xml.cgi?customer_number=betaDFG&lt;nabble_a
href=&quot;beans.xml&quot;>beans.xml
3plnt&amp;pin_number=pdfsgrd1&amp;id_entity=12gg7&amp;bridgeEndpoint=true&amp;sslContextParametersRef=sslContextParameters"/>
    </route>
  </camel:camelContext>


Exception:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
	at
com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
	at
org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
	at
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
	at
org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
	at
org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
	at
org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
	at
org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
	at
org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
	at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
	at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
	at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)
	at
org.apache.camel.component.http4.HttpProducer.executeMethod(HttpProducer.java:238)
	at
org.apache.camel.component.http4.HttpProducer.process(HttpProducer.java:147)
	at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(AsyncProcessorTypeConverter.java:50)
	at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:78)
	at
org.apache.camel.processor.SendProcessor$2.doInAsyncProducer(SendProcessor.java:114)
	at
org.apache.camel.impl.ProducerCache.doInAsyncProducer(ProducerCache.java:284)
	at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:109)
	at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:78)
	at
org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:98)
	at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:89)
	at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor

we had succesfully connected thridparty service using same keystore using
smx-http component. when i used camel-http4 component found above exception.
can you suggest me any changes required in the configuration. attached
camel-cpntext file for your reference.
http://camel.465427.n5.nabble.com/file/n5524113/beans.xml beans.xml 
Regards,
Praveen Chakinala


--
View this message in context: http://camel.465427.n5.nabble.com/camel-http4-javax-net-ssl-SSLPeerUnverifiedException-peer-not-authenticated-tp5524113p5524113.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Re: camel-http4 javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

Posted by Babak Vahdat <ba...@swissonline.ch>.

Hi

Your trust-store file doesn't contain the X509 certificate of the peer
you're calling through camel-http4. Using keytool [1] you can verify the
content of your trust-store file as well as add the peer's certificate into
it.

And if the peer's certificate is already signed through a CA (like Verisign
or Thawte) then adding the root and intermedidate certificates of that given
CA should be already enough. If not then just import the peer's certificate
itself into your trust-store.

[1]
http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html

Babak


--
View this message in context: http://camel.465427.n5.nabble.com/camel-http4-javax-net-ssl-SSLPeerUnverifiedException-peer-not-authenticated-tp5524113p5524536.html
Sent from the Camel - Users mailing list archive at Nabble.com.