You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by pchakinala <pr...@planetsoft.com> on 2012/02/29 12:17:12 UTC
RE: camel-http4 javax.net.ssl.SSLPeerUnverifiedException: peer
notauthenticated
Hi Babak,
Thank you for response. We used same keystore to connect same third party
service using servimix-htpp provider component. We observed issue when
working with camel-http4 component only.
Praveen
From: Babak Vahdat [via Camel]
[mailto:ml-node+s465427n5524536h44@n5.nabble.com]
Sent: Wednesday, February 29, 2012 3:29 PM
To: pchakinala
Subject: Re: camel-http4 javax.net.ssl.SSLPeerUnverifiedException: peer
notauthenticated
Hi
Your trust-store file doesn't contain the X509 certificate of the peer
you're calling through camel-http4. Using keytool [1] you can verify the
content of your trust-store file as well as add the peer's certificate into
it.
And if the peer's certificate is already signed through a CA (like Verisign
or Thawte) then adding the root and intermedidate certificates of that given
CA should be already enough. If not then just import the peer's certificate
itself into your trust-store.
[1]
http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html
Babak
_____
If you reply to this email, your message will be added to the discussion
below:
http://camel.465427.n5.nabble.com/camel-http4-javax-net-ssl-SSLPeerUnverifie
dException-peer-not-authenticated-tp5524113p5524536.html
To unsubscribe from camel-http4 javax.net.ssl.SSLPeerUnverifiedException:
peer not authenticated, click here
<http://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscrib
e_by_code&node=5524113&code=cHJhdmVlbi5jaGFraW5hbGFAcGxhbmV0c29mdC5jb218NTUy
NDExM3wtMjAwNDE3OTQwNg==> .
<http://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=macro_view
er&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNa
mespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.No
deNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_ema
ils%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> NAML
This message contains information that may be privileged or confidential and is the property of PlanetSoft Holdings Inc. It is
intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to
read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message
in error, please notify the sender immediately and delete all copies of this message.
--
View this message in context: http://camel.465427.n5.nabble.com/RE-camel-http4-javax-net-ssl-SSLPeerUnverifiedException-peer-notauthenticated-tp5524697p5524697.html
Sent from the Camel - Users mailing list archive at Nabble.com.
RE: camel-http4 javax.net.ssl.SSLPeerUnverifiedException: peer
notauthenticated
Posted by Babak Vahdat <ba...@swissonline.ch>.
You seem to have had similar SSL setup issue while using SMX as well. Again,
check your keystore.jks file to see *if* the peer certificate or the
corresponding CA is properly trusted!
And IMHO it's not a good practice to use the same JKS for *both* own
certificate and private key as well as CA certificates trusted by your
application (however technically it's possible). Better separate them into
two different JKS files, as the purpose & usage of these two are completely
different!
[1]
http://servicemix.396122.n5.nabble.com/HTTP-query-Parameter-td4735072.html
Babak
--
View this message in context: http://camel.465427.n5.nabble.com/RE-camel-http4-javax-net-ssl-SSLPeerUnverifiedException-peer-notauthenticated-tp5524697p5524781.html
Sent from the Camel - Users mailing list archive at Nabble.com.