You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "Claus Ibsen (Jira)" <ji...@apache.org> on 2022/09/02 11:13:00 UTC

[jira] [Updated] (CAMEL-12719) Ability to load an SSLContextParameter with a Keystore containing multiple keys (aliases)

     [ https://issues.apache.org/jira/browse/CAMEL-12719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Claus Ibsen updated CAMEL-12719:
--------------------------------
    Fix Version/s: Future
                       (was: 3.x)

> Ability to load an SSLContextParameter with a Keystore containing multiple keys (aliases)
> -----------------------------------------------------------------------------------------
>
>                 Key: CAMEL-12719
>                 URL: https://issues.apache.org/jira/browse/CAMEL-12719
>             Project: Camel
>          Issue Type: Improvement
>          Components: camel-core
>    Affects Versions: 2.22.0
>         Environment: Apache Tomcat 7, Camel 2.22.0, java 8, redHat 6.6
> 1 TrustStore.jks (12 certificats CA => 12 alias)
> 1 Keystore.jsk (5 clés => 5 alias => 5 passwords différents)
> > 200 camelRoutes (file, soap, rest) secure, non-secure
>            Reporter: Florian B.
>            Priority: Major
>              Labels: gsoc2020
>             Fix For: Future
>
>
> Hello,
> I wish I could initialize a single SSLContextParameters at camel startup containing my truststore.jks (> 1 alias) and my keystore.jks (> 1 alias) in order to call it (refer to) in Routes (FTPs, HTTPs) without have to redefine a new SSLContextParameter for each EndPoint.
> _<camel:sslContextParameters id="sslIContextParameters">_
>  _<camel:trustManagers>_
>  _<camel:keyStore password="${truststore.jks.file.password}"_
>  _resource="${truststore.jks.file.location}" />_
>  _</camel:trustManagers>_
>  _<camel:keyManagers >_
>  _<camel:keyStore password="${keystore.jks.file.password}"_
>  _resource="${keystore.jks.file.location}" />_
>  _</camel:keyManagers>_
>  _</camel:sslContextParameters>_
> When my Keystore contains more than 1 alias, I have the following error when creating the Route at startup : 
> *Caused by: org.apache.camel.ResolveEndpointFailedException: Failed to resolve endpoint: https4://<host>:<port>/<address>?authPassword=RAW(password)&authUsername=login&authenticationPreemptive=true&bridgeEndpoint=true&sslContextParameters=sslContextParameters&throwExceptionOnFailure=true due to: Cannot recover key*
> due to
> *Caused by: java.security.UnrecoverableKeyException: Cannot recover key*
>  
> When my keystore contains only one key, it works very well.
> _<camel:sslContextParameters id="sslIContextParameters">_
>  _<camel:trustManagers>_
>  _<camel:keyStore password="${truststore.jks.file.password}"_
>  _resource="${truststore.jks.file.location}" />_
>  _</camel:trustManagers>_
>  _<camel:keyManagers keyPassword="keyPassword">_
>  _<camel:keyStore password="${keystore.jks.file.password}"_
>  _resource="${keystore.jks.file.location}" />_
>  _</camel:keyManagers>_
>  _</camel:sslContextParameters>_
>  
> So I would like to be able to call my SSLContextParameter for different EndPoint by specifying (if necessary) the alias of the Keystore needed (by specifying the alias and / or password of the key)
>  
> Objectif in my project :
>  * 1 TrustStore.jks 
>  * 1 Keystore.jsk
>  * 1 unique SSLContextParameter
>  * > 200 camelRoutes FTPs/HTTPs (ssl one way ou two way)
>  
> Thank a lot
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)