You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ac...@apache.org on 2023/12/06 09:23:51 UTC
(camel-kamelets) 01/03: Support SSL Endpoint Algorithm in Kafka SSL Kamelets
This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch kafka-ssl-endpoint-algo
in repository https://gitbox.apache.org/repos/asf/camel-kamelets.git
commit 592e4a2fe4af5b312530a8f7634ef55117dca73d
Author: Andrea Cosentino <an...@gmail.com>
AuthorDate: Wed Dec 6 10:19:02 2023 +0100
Support SSL Endpoint Algorithm in Kafka SSL Kamelets
Signed-off-by: Andrea Cosentino <an...@gmail.com>
---
kamelets/kafka-ssl-sink.kamelet.yaml | 8 +++++++-
kamelets/kafka-ssl-source.kamelet.yaml | 6 ++++++
.../src/main/resources/kamelets/kafka-ssl-sink.kamelet.yaml | 8 +++++++-
.../src/main/resources/kamelets/kafka-ssl-source.kamelet.yaml | 6 ++++++
4 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/kamelets/kafka-ssl-sink.kamelet.yaml b/kamelets/kafka-ssl-sink.kamelet.yaml
index b6fc8f2c..786393f0 100644
--- a/kamelets/kafka-ssl-sink.kamelet.yaml
+++ b/kamelets/kafka-ssl-sink.kamelet.yaml
@@ -99,6 +99,11 @@ spec:
format: password
x-descriptors:
- urn:camel:group:credentials
+ sslEndpointAlgorithm:
+ description: The endpoint identification algorithm to validate server hostname using server certificate. Use none or false to disable server hostname verification.
+ title: SSL Endpoint Algorithm
+ type: string
+ default: https
topic:
description: Comma separated list of Kafka topic names
title: Topic Names
@@ -130,7 +135,8 @@ spec:
sslTruststoreLocation: '{{sslTruststoreLocation}}'
sslProtocol: '{{sslProtocol}}'
sslEnabledProtocols: '{{sslEnabledProtocols}}'
- saslMechanism: '{{saslMechanism}}'
+ sslEnabledProtocols: '{{sslEnabledProtocols}}'
+ sslEndpointAlgorithm: '{{sslEndpointAlgorithm}}'
type: '#class:org.apache.camel.component.kafka.KafkaConfiguration'
from:
uri: "kamelet:source"
diff --git a/kamelets/kafka-ssl-source.kamelet.yaml b/kamelets/kafka-ssl-source.kamelet.yaml
index 14072f6b..fab7c35c 100644
--- a/kamelets/kafka-ssl-source.kamelet.yaml
+++ b/kamelets/kafka-ssl-source.kamelet.yaml
@@ -118,6 +118,11 @@ spec:
x-descriptors:
- urn:camel:group:credentials
- urn:keda:authentication:password
+ sslEndpointAlgorithm:
+ description: The endpoint identification algorithm to validate server hostname using server certificate. Use none or false to disable server hostname verification.
+ title: SSL Endpoint Algorithm
+ type: string
+ default: https
sslProtocol:
description: The SSL protocol used to generate the SSLContext. Default setting is TLS, which is fine for most cases. Allowed values in recent JVMs are TLS, TLSv1.1 and TLSv1.2. SSL, SSLv2 and SSLv3 may be supported in older JVMs, but their usage is discouraged due to known security vulnerabilities.
title: SSL Protocol
@@ -159,6 +164,7 @@ spec:
sslTruststoreLocation: '{{sslTruststoreLocation}}'
sslProtocol: '{{sslProtocol}}'
sslEnabledProtocols: '{{sslEnabledProtocols}}'
+ sslEndpointAlgorithm: '{{sslEndpointAlgorithm}}'
saslMechanism: '{{saslMechanism}}'
groupId: '{{?consumerGroup}}'
autoOffsetReset: '{{autoOffsetReset}}'
diff --git a/library/camel-kamelets/src/main/resources/kamelets/kafka-ssl-sink.kamelet.yaml b/library/camel-kamelets/src/main/resources/kamelets/kafka-ssl-sink.kamelet.yaml
index b6fc8f2c..786393f0 100644
--- a/library/camel-kamelets/src/main/resources/kamelets/kafka-ssl-sink.kamelet.yaml
+++ b/library/camel-kamelets/src/main/resources/kamelets/kafka-ssl-sink.kamelet.yaml
@@ -99,6 +99,11 @@ spec:
format: password
x-descriptors:
- urn:camel:group:credentials
+ sslEndpointAlgorithm:
+ description: The endpoint identification algorithm to validate server hostname using server certificate. Use none or false to disable server hostname verification.
+ title: SSL Endpoint Algorithm
+ type: string
+ default: https
topic:
description: Comma separated list of Kafka topic names
title: Topic Names
@@ -130,7 +135,8 @@ spec:
sslTruststoreLocation: '{{sslTruststoreLocation}}'
sslProtocol: '{{sslProtocol}}'
sslEnabledProtocols: '{{sslEnabledProtocols}}'
- saslMechanism: '{{saslMechanism}}'
+ sslEnabledProtocols: '{{sslEnabledProtocols}}'
+ sslEndpointAlgorithm: '{{sslEndpointAlgorithm}}'
type: '#class:org.apache.camel.component.kafka.KafkaConfiguration'
from:
uri: "kamelet:source"
diff --git a/library/camel-kamelets/src/main/resources/kamelets/kafka-ssl-source.kamelet.yaml b/library/camel-kamelets/src/main/resources/kamelets/kafka-ssl-source.kamelet.yaml
index 14072f6b..fab7c35c 100644
--- a/library/camel-kamelets/src/main/resources/kamelets/kafka-ssl-source.kamelet.yaml
+++ b/library/camel-kamelets/src/main/resources/kamelets/kafka-ssl-source.kamelet.yaml
@@ -118,6 +118,11 @@ spec:
x-descriptors:
- urn:camel:group:credentials
- urn:keda:authentication:password
+ sslEndpointAlgorithm:
+ description: The endpoint identification algorithm to validate server hostname using server certificate. Use none or false to disable server hostname verification.
+ title: SSL Endpoint Algorithm
+ type: string
+ default: https
sslProtocol:
description: The SSL protocol used to generate the SSLContext. Default setting is TLS, which is fine for most cases. Allowed values in recent JVMs are TLS, TLSv1.1 and TLSv1.2. SSL, SSLv2 and SSLv3 may be supported in older JVMs, but their usage is discouraged due to known security vulnerabilities.
title: SSL Protocol
@@ -159,6 +164,7 @@ spec:
sslTruststoreLocation: '{{sslTruststoreLocation}}'
sslProtocol: '{{sslProtocol}}'
sslEnabledProtocols: '{{sslEnabledProtocols}}'
+ sslEndpointAlgorithm: '{{sslEndpointAlgorithm}}'
saslMechanism: '{{saslMechanism}}'
groupId: '{{?consumerGroup}}'
autoOffsetReset: '{{autoOffsetReset}}'