You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by Castyn <er...@gmail.com> on 2012/04/13 16:37:57 UTC
SSL and CXF Consumers
I can find a pretty good amount of documentation and examples around setting
up and http endpoint to use an SSL cert and receive messages on https, but
what I am trying to do is have a CXF consumer perform the same way. Is
there a way to deploy an SSL cert for a CXF consumer, and if not how would I
go about letting the entire servicemix instance utilize it so all incoming
traffic could be verified for an SSL cert?
--
View this message in context: http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5638480.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: SSL and CXF Consumers
Posted by Willem Jiang <wi...@gmail.com>.
The cxf is the bus name, you need to specify it in your engine-factory.
BTW, you may need to include the resource like this to have the bean
instance which name is cxf.
<import resource="classpath:META-INF/cxf/cxf.xml"/>
On 4/24/12 1:38 AM, Castyn wrote:
> I am trying to setup the conduit and jetty engine much like in the SVN
> example. For some reason I am getting an error:
>
> 13:31:50,019 | ERROR | xtenderThread-11 | ContextLoaderListener |
> ? ? | 84 -
> org.springframework.osgi.extender - 1.2.1 | Application context refresh
> failed (OsgiBundleXmlApplicationContext(bundle=mdm-realtime-route,
> config=osgibundle:/META-INF/spring/*.xml))
> org.springframework.beans.factory.BeanCreationException: Error creating bean
> with name 'tls-config': Cannot resolve reference to bean 'cxf' while setting
> constructor argument; nested exception is
> org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean
> named 'cxf' is defined
> at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.java:616)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:148)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1003)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:907)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:485)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:580)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)[75:org.springframework.context:3.0.5.RELEASE]
> at
> org.springframework.osgi.context.support.AbstractDelegatedExecutionApplicationContext.access$1600(AbstractDelegatedExecutionApplicationContext.java:69)[81:org.springframework.osgi.core:1.2.1]
> at
> org.springframework.osgi.context.support.AbstractDelegatedExecutionApplicationContext$4.run(AbstractDelegatedExecutionApplicationContext.java:355)[81:org.springframework.osgi.core:1.2.1]
> at
> org.springframework.osgi.util.internal.PrivilegedUtils.executeWithCustomTCCL(PrivilegedUtils.java:85)[81:org.springframework.osgi.core:1.2.1]
> at
> org.springframework.osgi.context.support.AbstractDelegatedExecutionApplicationContext.completeRefresh(AbstractDelegatedExecutionApplicationContext.java:320)[81:org.springframework.osgi.core:1.2.1]
> at
> org.springframework.osgi.extender.internal.dependencies.startup.DependencyWaiterApplicationContextExecutor$CompleteRefreshTask.run(DependencyWaiterApplicationContextExecutor.java:132)[84:org.springframework.osgi.extender:1.2.1]
> at java.lang.Thread.run(Thread.java:662)[:1.6.0_23]
> Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException:
> No bean named 'cxf' is defined
> at
> org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:527)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1083)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:274)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)[73:org.springframework.beans:3.0.5.RELEASE]
> ... 19 more
>
>
> My beans are below. I amnot sure why it is referencing a bean named cxf.
>
> <httpj:engine-factory id="tls-config">
> <httpj:engine port="9191">
> <httpj:tlsServerParameters>
> <sec:keyManagers keyPassword="pass">
> <sec:keyStore type="JKS" password="pass"
>
> resource="/apps/apache-servicemix-4.4.1-fuse-01-13/etc/sdg.jks"/>
> </sec:keyManagers>
> <sec:cipherSuitesFilter>
> <sec:include>.*_WITH_3DES_.*</sec:include>
> <sec:include>.*_WITH_DES_.*</sec:include>
> <sec:exclude>.*_WITH_NULL_.*</sec:exclude>
> <sec:exclude>.*_DH_anon_.*</sec:exclude>
> </sec:cipherSuitesFilter>
> <sec:clientAuthentication want="true" required="false"/>
> </httpj:tlsServerParameters>
> </httpj:engine>
> </httpj:engine-factory>
>
> <http:conduit name="*.http-conduit">
> <http:client ConnectionTimeout="3000000" ReceiveTimeout="3000000" />
> <http:tlsClientParameters disableCNCheck="true">
> <sec:keyManagers keyPassword="pass">
> <sec:keyStore type="JKS" password="pass"
> file="/apps/apache-servicemix-4.4.1-fuse-01-13/etc/sdg.jks" />
> </sec:keyManagers>
> </http:tlsClientParameters>
> </http:conduit>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5660019.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
--
Willem
----------------------------------
CamelOne 2012 Conference, May 15-16, 2012: http://camelone.com
FuseSource
Web: http://www.fusesource.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang
Re: SSL and CXF Consumers
Posted by Willem Jiang <wi...@gmail.com>.
The cxf is the bus name, you need to specify it in your engine-factory.
BTW, you may need to include the resource like this to have the bean
instance which name is cxf.
<import resource="classpath:META-INF/cxf/cxf.xml"/>
On 4/24/12 1:38 AM, Castyn wrote:
> I am trying to setup the conduit and jetty engine much like in the SVN
> example. For some reason I am getting an error:
>
> 13:31:50,019 | ERROR | xtenderThread-11 | ContextLoaderListener |
> ? ? | 84 -
> org.springframework.osgi.extender - 1.2.1 | Application context refresh
> failed (OsgiBundleXmlApplicationContext(bundle=mdm-realtime-route,
> config=osgibundle:/META-INF/spring/*.xml))
> org.springframework.beans.factory.BeanCreationException: Error creating bean
> with name 'tls-config': Cannot resolve reference to bean 'cxf' while setting
> constructor argument; nested exception is
> org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean
> named 'cxf' is defined
> at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.java:616)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:148)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1003)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:907)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:485)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:580)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)[75:org.springframework.context:3.0.5.RELEASE]
> at
> org.springframework.osgi.context.support.AbstractDelegatedExecutionApplicationContext.access$1600(AbstractDelegatedExecutionApplicationContext.java:69)[81:org.springframework.osgi.core:1.2.1]
> at
> org.springframework.osgi.context.support.AbstractDelegatedExecutionApplicationContext$4.run(AbstractDelegatedExecutionApplicationContext.java:355)[81:org.springframework.osgi.core:1.2.1]
> at
> org.springframework.osgi.util.internal.PrivilegedUtils.executeWithCustomTCCL(PrivilegedUtils.java:85)[81:org.springframework.osgi.core:1.2.1]
> at
> org.springframework.osgi.context.support.AbstractDelegatedExecutionApplicationContext.completeRefresh(AbstractDelegatedExecutionApplicationContext.java:320)[81:org.springframework.osgi.core:1.2.1]
> at
> org.springframework.osgi.extender.internal.dependencies.startup.DependencyWaiterApplicationContextExecutor$CompleteRefreshTask.run(DependencyWaiterApplicationContextExecutor.java:132)[84:org.springframework.osgi.extender:1.2.1]
> at java.lang.Thread.run(Thread.java:662)[:1.6.0_23]
> Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException:
> No bean named 'cxf' is defined
> at
> org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:527)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1083)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:274)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)[73:org.springframework.beans:3.0.5.RELEASE]
> at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)[73:org.springframework.beans:3.0.5.RELEASE]
> ... 19 more
>
>
> My beans are below. I amnot sure why it is referencing a bean named cxf.
>
> <httpj:engine-factory id="tls-config">
> <httpj:engine port="9191">
> <httpj:tlsServerParameters>
> <sec:keyManagers keyPassword="pass">
> <sec:keyStore type="JKS" password="pass"
>
> resource="/apps/apache-servicemix-4.4.1-fuse-01-13/etc/sdg.jks"/>
> </sec:keyManagers>
> <sec:cipherSuitesFilter>
> <sec:include>.*_WITH_3DES_.*</sec:include>
> <sec:include>.*_WITH_DES_.*</sec:include>
> <sec:exclude>.*_WITH_NULL_.*</sec:exclude>
> <sec:exclude>.*_DH_anon_.*</sec:exclude>
> </sec:cipherSuitesFilter>
> <sec:clientAuthentication want="true" required="false"/>
> </httpj:tlsServerParameters>
> </httpj:engine>
> </httpj:engine-factory>
>
> <http:conduit name="*.http-conduit">
> <http:client ConnectionTimeout="3000000" ReceiveTimeout="3000000" />
> <http:tlsClientParameters disableCNCheck="true">
> <sec:keyManagers keyPassword="pass">
> <sec:keyStore type="JKS" password="pass"
> file="/apps/apache-servicemix-4.4.1-fuse-01-13/etc/sdg.jks" />
> </sec:keyManagers>
> </http:tlsClientParameters>
> </http:conduit>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5660019.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
--
Willem
----------------------------------
CamelOne 2012 Conference, May 15-16, 2012: http://camelone.com
FuseSource
Web: http://www.fusesource.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang
Re: SSL and CXF Consumers
Posted by Castyn <er...@gmail.com>.
I am trying to setup the conduit and jetty engine much like in the SVN
example. For some reason I am getting an error:
13:31:50,019 | ERROR | xtenderThread-11 | ContextLoaderListener |
? ? | 84 -
org.springframework.osgi.extender - 1.2.1 | Application context refresh
failed (OsgiBundleXmlApplicationContext(bundle=mdm-realtime-route,
config=osgibundle:/META-INF/spring/*.xml))
org.springframework.beans.factory.BeanCreationException: Error creating bean
with name 'tls-config': Cannot resolve reference to bean 'cxf' while setting
constructor argument; nested exception is
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean
named 'cxf' is defined
at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.java:616)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:148)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1003)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:907)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:485)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:580)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)[75:org.springframework.context:3.0.5.RELEASE]
at
org.springframework.osgi.context.support.AbstractDelegatedExecutionApplicationContext.access$1600(AbstractDelegatedExecutionApplicationContext.java:69)[81:org.springframework.osgi.core:1.2.1]
at
org.springframework.osgi.context.support.AbstractDelegatedExecutionApplicationContext$4.run(AbstractDelegatedExecutionApplicationContext.java:355)[81:org.springframework.osgi.core:1.2.1]
at
org.springframework.osgi.util.internal.PrivilegedUtils.executeWithCustomTCCL(PrivilegedUtils.java:85)[81:org.springframework.osgi.core:1.2.1]
at
org.springframework.osgi.context.support.AbstractDelegatedExecutionApplicationContext.completeRefresh(AbstractDelegatedExecutionApplicationContext.java:320)[81:org.springframework.osgi.core:1.2.1]
at
org.springframework.osgi.extender.internal.dependencies.startup.DependencyWaiterApplicationContextExecutor$CompleteRefreshTask.run(DependencyWaiterApplicationContextExecutor.java:132)[84:org.springframework.osgi.extender:1.2.1]
at java.lang.Thread.run(Thread.java:662)[:1.6.0_23]
Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException:
No bean named 'cxf' is defined
at
org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:527)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1083)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:274)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)[73:org.springframework.beans:3.0.5.RELEASE]
at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)[73:org.springframework.beans:3.0.5.RELEASE]
... 19 more
My beans are below. I amnot sure why it is referencing a bean named cxf.
<httpj:engine-factory id="tls-config">
<httpj:engine port="9191">
<httpj:tlsServerParameters>
<sec:keyManagers keyPassword="pass">
<sec:keyStore type="JKS" password="pass"
resource="/apps/apache-servicemix-4.4.1-fuse-01-13/etc/sdg.jks"/>
</sec:keyManagers>
<sec:cipherSuitesFilter>
<sec:include>.*_WITH_3DES_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:exclude>.*_WITH_NULL_.*</sec:exclude>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
<sec:clientAuthentication want="true" required="false"/>
</httpj:tlsServerParameters>
</httpj:engine>
</httpj:engine-factory>
<http:conduit name="*.http-conduit">
<http:client ConnectionTimeout="3000000" ReceiveTimeout="3000000" />
<http:tlsClientParameters disableCNCheck="true">
<sec:keyManagers keyPassword="pass">
<sec:keyStore type="JKS" password="pass"
file="/apps/apache-servicemix-4.4.1-fuse-01-13/etc/sdg.jks" />
</sec:keyManagers>
</http:tlsClientParameters>
</http:conduit>
--
View this message in context: http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5660019.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: SSL and CXF Consumers
Posted by Willem Jiang <wi...@gmail.com>.
The trust manager is for the client. If you just want to configure the
cxf consumer, you just need to use the keystore.
<httpj:engine-factory bus="cxf">
<httpj:identifiedTLSServerParameters id="secure">
<httpj:tlsServerParameters>
<sec:keyManagers keyPassword="password">
<sec:keyStore type="JKS" password="password"
file="certs/cherry.jks"/>
</sec:keyManagers>
</httpj:tlsServerParameters>
</httpj:identifiedTLSServerParameters>
On Mon Apr 23 20:18:20 2012, Castyn wrote:
> What goes in the keystore versus the trust manager? Do Ineed to use both on
> the jetty engine and http conduit? All I have created is a keystore and
> added the ssl public certificate to it. What do I need to add to a trust
> manager?
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5659264.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
--
Willem
----------------------------------
CamelOne 2012 Conference, May 15-16, 2012: http://camelone.com
FuseSource
Web: http://www.fusesource.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang
Re: SSL and CXF Consumers
Posted by Castyn <er...@gmail.com>.
What goes in the keystore versus the trust manager? Do Ineed to use both on
the jetty engine and http conduit? All I have created is a keystore and
added the ssl public certificate to it. What do I need to add to a trust
manager?
--
View this message in context: http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5659264.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: SSL and CXF Consumers
Posted by Willem Jiang <wi...@gmail.com>.
On Fri Apr 20 06:40:20 2012, Castyn wrote:
> Thanks for the reply, I will work through some of the configuration shortly.
> I did however notice that when I changed my cxf consumer to use an address
> of https, that my route would no longer deploy saying that SSL protocol
> could not be used on an http configured endpoint.
>
> Looking deeper it looks like I might need to actually use the jetty engine
> to setup the SSL port for that CXF consumer?
If you are using the CXF Servlet transport, you don't need to setup the
jetty engine.
If not, you should setup the jetty engine as the example does.
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5652965.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
--
Willem
----------------------------------
CamelOne 2012 Conference, May 15-16, 2012: http://camelone.com
FuseSource
Web: http://www.fusesource.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang
Re: SSL and CXF Consumers
Posted by Castyn <er...@gmail.com>.
Thanks for the reply, I will work through some of the configuration shortly.
I did however notice that when I changed my cxf consumer to use an address
of https, that my route would no longer deploy saying that SSL protocol
could not be used on an http configured endpoint.
Looking deeper it looks like I might need to actually use the jetty engine
to setup the SSL port for that CXF consumer?
--
View this message in context: http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5652965.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: SSL and CXF Consumers
Posted by Christian Müller <ch...@gmail.com>.
My comments inline
Best,
Christian
On Thu, Apr 19, 2012 at 5:42 PM, Castyn <er...@gmail.com> wrote:
> Basically all I am really trying to do is take incoming CXF requests over
> https, then route it to the webservice on another server using https.
>
> Being new to this sort of thing I have a few questions that might help me
> find the direction:
>
> Do I need to deploy the SSL cert to the bundle/route specifically, or is
> there a way to deploy it for all of servicemix?
We put it into ${SMX_HOME}/etc
I believe I need to add the
> cert to the java keystore, but then does servicemix find it automatically
> or
> is there something I need to configure?
>
Yes, you need a keystore. If you have a look at [1] in my previous post,
you will see hoe you can configure it.
Do I actually need to use an http-conduit for this, I would think I do since
> I am taking the request from the https and sending it to another CXF
> endpoint on https.
>
I think it too. But Willem is the CXF expert here... :-)
> Do I need to setup any jetty engine like in the SVN example? I would think
> cxf and the use of the conduit would be sufficient, but I am not sure.
>
You don't need to set up a jetty engine.
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5652117.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
Re: SSL and CXF Consumers
Posted by Castyn <er...@gmail.com>.
Basically all I am really trying to do is take incoming CXF requests over
https, then route it to the webservice on another server using https.
Being new to this sort of thing I have a few questions that might help me
find the direction:
Do I need to deploy the SSL cert to the bundle/route specifically, or is
there a way to deploy it for all of servicemix? I believe I need to add the
cert to the java keystore, but then does servicemix find it automatically or
is there something I need to configure?
Do I actually need to use an http-conduit for this, I would think I do since
I am taking the request from the https and sending it to another CXF
endpoint on https.
Do I need to setup any jetty engine like in the SVN example? I would think
cxf and the use of the conduit would be sufficient, but I am not sure.
--
View this message in context: http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5652117.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: SSL and CXF Consumers
Posted by Willem Jiang <wi...@gmail.com>.
If you didn't want to leverage the SSL to send the request to the CXF
service, you don't need to configure http:conduit part.
BTW, the below example shows the configuration of jetty engine could be
very useful.
On Wed Apr 18 04:40:25 2012, Christian Müller wrote:
> You need a "http:conduit". You can find an example at [1] and the Apache
> CXF web site [2].
>
> [1]
> https://svn.apache.org/repos/asf/camel/trunk/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/jaxrs/CxfRsProducerClientFactoryCacheTest2.xml
> [2]
> http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
>
> Best,
> Christian
>
> On Tue, Apr 17, 2012 at 5:36 PM, Castyn<er...@gmail.com> wrote:
>
>> Hmm let me try to rephrase a bit. How would you go about securing a CXF
>> consumer endpoint with an SSL cert that is open to the outside world? Do
>> you need to route it through an http conduit or is there some way to have
>> the SSL cert live on the CXF endpoint itself?
>>
>> --
>> View this message in context:
>> http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5646855.html
>> Sent from the Camel - Users mailing list archive at Nabble.com.
>>
>
--
Willem
----------------------------------
CamelOne 2012 Conference, May 15-16, 2012: http://camelone.com
FuseSource
Web: http://www.fusesource.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang
Re: SSL and CXF Consumers
Posted by Christian Müller <ch...@gmail.com>.
You need a "http:conduit". You can find an example at [1] and the Apache
CXF web site [2].
[1]
https://svn.apache.org/repos/asf/camel/trunk/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/jaxrs/CxfRsProducerClientFactoryCacheTest2.xml
[2]
http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
Best,
Christian
On Tue, Apr 17, 2012 at 5:36 PM, Castyn <er...@gmail.com> wrote:
> Hmm let me try to rephrase a bit. How would you go about securing a CXF
> consumer endpoint with an SSL cert that is open to the outside world? Do
> you need to route it through an http conduit or is there some way to have
> the SSL cert live on the CXF endpoint itself?
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5646855.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
Re: SSL and CXF Consumers
Posted by Castyn <er...@gmail.com>.
Hmm let me try to rephrase a bit. How would you go about securing a CXF
consumer endpoint with an SSL cert that is open to the outside world? Do
you need to route it through an http conduit or is there some way to have
the SSL cert live on the CXF endpoint itself?
--
View this message in context: http://camel.465427.n5.nabble.com/SSL-and-CXF-Consumers-tp5638480p5646855.html
Sent from the Camel - Users mailing list archive at Nabble.com.