You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@camel.apache.org by Jan Bernhardt <jb...@talend.com> on 2017/05/11 06:44:13 UTC

SSL Settings for http component in blueprint

Hi Camel user,

I'm trying to connect to a REST Service (elasticsearch) via SSL with a
self-signed server certificate.

I've got it working fine with Java DSL according to the camel http component
documentation:
http://camel.apache.org/http.html (Using the JSSE Configuration Utility)

But now I have to get it working with blueprint as well. I could not find
any helpful documentation. I tried multiple alternatives, but none seemed to
work. For example I added this into my blueprint file:

<sslContextParameters id="sslParams"
xmlns="http://camel.apache.org/schema/blueprint">
    <trustManagers>
        <keyStore resource="${truststoreLocation}"
password="${truststorePassword}" type="${truststoreType}" />
    </trustManagers>
</sslContextParameters>

But I still get a certificate validation exception, when connecting to my
REST service.

Any idea of, what needs to be done, to get this working with a self-signed
certificate?

Best regards
Jan




--
View this message in context: http://camel.465427.n5.nabble.com/SSL-Settings-for-http-component-in-blueprint-tp5799272.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Re: SSL Settings for http component in blueprint

Posted by Jan Bernhardt <jb...@talend.com>.

Writing my own ClientConfigurer did the trick. However it would be
interesting to see, if there is an alternative solution with the blueprint
sslContextParameters element.

Here is my Solution:

public class ESHttpClientConfigurer implements HttpClientConfigurer {

    private String resource;
    private String password;
    private int port = 9200;
    
    @Override
    public void configureHttpClient(HttpClient arg0) {
        KeyStoreParameters ksp = new KeyStoreParameters();
        ksp.setResource(resource);
        ksp.setPassword(password);

        TrustManagersParameters tmp = new TrustManagersParameters();
        tmp.setKeyStore(ksp);

        SSLContextParameters scp = new SSLContextParameters();
        scp.setTrustManagers(tmp);

        ProtocolSocketFactory factory = new
SSLContextParametersSecureProtocolSocketFactory(scp);

        Protocol.registerProtocol("https", new Protocol("https", factory,
port));

    }

    public void setResource(String resource) {
        this.resource = resource;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public void setPort(int port) {
        this.port = port;
    }

}



<bean id="esHttpClientConfigurer"
class="com.zurich.ch.iwf.ingest.ESHttpClientConfigurer">
    <property name="resource" value="${truststoreLocation}" />
    <property name="password" value="${truststorePassword}" />
    <property name="port" value="${elasticsearchPort}" />
</bean> 


<to
uri="{{elasticsearchURL}}/_bulk?httpClientConfigurerRef=esHttpClientConfigurer{{elasticsearchAuthParameter}}"/>



--
View this message in context: http://camel.465427.n5.nabble.com/SSL-Settings-for-http-component-in-blueprint-tp5799272p5799274.html
Sent from the Camel - Users mailing list archive at Nabble.com.