You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "Claus Ibsen (Jira)" <ji...@apache.org> on 2022/07/27 14:29:00 UTC

[jira] [Resolved] (CAMEL-18310) Global SSL Context Params Force SSL for All HTTP Connections

     [ https://issues.apache.org/jira/browse/CAMEL-18310?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Claus Ibsen resolved CAMEL-18310.
---------------------------------
    Resolution: Fixed

> Global SSL Context Params Force SSL for All HTTP Connections 
> -------------------------------------------------------------
>
>                 Key: CAMEL-18310
>                 URL: https://issues.apache.org/jira/browse/CAMEL-18310
>             Project: Camel
>          Issue Type: Bug
>          Components: camel-http
>    Affects Versions: 3.18.0
>            Reporter: Ralf Steppacher
>            Assignee: Claus Ibsen
>            Priority: Major
>             Fix For: 3.18.1, 3.19.0
>
>
> When setting the property {{camel.component.http.use-global-ssl-context-parameters=true}} all plaintext http connection attempts fail because a {{SSLConnectionSocketFactory}} is used. E.g. this will fail:
> {code:java}
> to(http("localhost:9090/test"))
> {code}
> with the following stacktrace:
> {noformat}
> javax.net.ssl.SSLException: Unsupported or unrecognized SSL message
>     at java.base/sun.security.ssl.SSLSocketInputRecord.handleUnknownRecord(SSLSocketInputRecord.java:451) ~[na:na]
>     at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:175) ~[na:na]
>     at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:110) ~[na:na]
>     at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1369) ~[na:na]
>     at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1278) ~[na:na]
>     at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:401) ~[na:na]
>     at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:373) ~[na:na]
>     at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) ~[httpclient-4.5.13.jar:4.5.13]
>     at org.apache.camel.component.http.HttpProducer.executeMethod(HttpProducer.java:445) ~[camel-http-3.18.0.jar:3.18.0]
>     at org.apache.camel.component.http.HttpProducer.process(HttpProducer.java:273) ~[camel-http-3.18.0.jar:3.18.0]
>     at org.apache.camel.support.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:66) ~[camel-support-3.18.0.jar:3.18.0]
>     at org.apache.camel.processor.SendDynamicProcessor.lambda$process$0(SendDynamicProcessor.java:197) ~[camel-core-processor-3.18.0.jar:3.18.0]
>     at org.apache.camel.support.cache.DefaultProducerCache.doInAsyncProducer(DefaultProducerCache.java:327) ~[camel-support-3.18.0.jar:3.18.0]
>     at org.apache.camel.processor.SendDynamicProcessor.process(SendDynamicProcessor.java:182) ~[camel-core-processor-3.18.0.jar:3.18.0]
>     at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.doRun(RedeliveryErrorHandler.java:812) ~[camel-core-processor-3.18.0.jar:3.18.0]
>     at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.run(RedeliveryErrorHandler.java:720) ~[camel-core-processor-3.18.0.jar:3.18.0]
>     at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:189) ~[camel-base-engine-3.18.0.jar:3.18.0]
>     at org.apache.camel.impl.engine.DefaultReactiveExecutor.scheduleMain(DefaultReactiveExecutor.java:61) ~[camel-base-engine-3.18.0.jar:3.18.0]
>     at org.apache.camel.processor.Pipeline.process(Pipeline.java:184) ~[camel-core-processor-3.18.0.jar:3.18.0]
>     at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:399) ~[camel-base-engine-3.18.0.jar:3.18.0]
> {noformat}
> SSL settings should only apply to endpoints using the {{https}} protocol scheme, not to endpoints using the {{http}} protocol scheme.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)