You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@camel.apache.org by "Freeman Yue Fang (Jira)" <ji...@apache.org> on 2023/05/18 21:28:00 UTC

[jira] [Commented] (CAMEL-19365) camel-undertow: UndertowHttpsSpringTest broken after upgrade

    [ https://issues.apache.org/jira/browse/CAMEL-19365?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17724032#comment-17724032 ] 

Freeman Yue Fang commented on CAMEL-19365:
------------------------------------------

Hi [~orpiske],

I happen to know the root cause of this issue.

This is introduced by the fix of [UNDERTOW-2212|https://issues.redhat.com/browse/UNDERTOW-2212].

Without UNDERTOW-2212, undertow conduit just not check the common name of the http server host in the tls certificate when using SSL. But since UNDERTOW-2212 fixed this up, and in the UndertowHttpsSpringTest it simply uses a general certificate which isn't much the test machine's hostname,  that's why the test fails now.

We can
1. run maven test with 
-Dio.undertow.client.https.disableEndpointIdentification=true which explicitly not check the common name(CN) of the host to make the test pass
2. we can configure the Undertow Options somewhere during the SSL conversation using java code like
{code}
options = OptionMap.builder()
                .set(UndertowOptions.ENDPOINT_IDENTIFICATION_ALGORITHM, "")
                .getMap();
{code}
for this test to disable common name check.

Cheers
Freeman

> camel-undertow: UndertowHttpsSpringTest broken after upgrade
> ------------------------------------------------------------
>
>                 Key: CAMEL-19365
>                 URL: https://issues.apache.org/jira/browse/CAMEL-19365
>             Project: Camel
>          Issue Type: Task
>          Components: camel-undertow, tests
>    Affects Versions: 4.0-M3
>            Reporter: Otavio Rodolfo Piske
>            Priority: Minor
>
> The [upgrade to Undertow 2.3.5|https://github.com/apache/camel/commit/5dd5dc6f47ed2b6230836428df6420271b5ea117#diff-b5a06276719e759fe07dfe6f75d781be5f83d2215179d82bdb195ad035348214R479] broke the UndertowHttpsSpringTest. It is now failing due to a java.nio.channels.ClosedChannelException.
> It seems to me that the [changes|https://github.com/undertow-io/undertow/pull/1452] from [UNDERTOW-2252|https://issues.redhat.com/browse/UNDERTOW-2252] may have broken this test (or the test is wrong). 
> This needs to be investigated. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)