dk2k commented on code in PR #9939:
URL: https://github.com/apache/camel/pull/9939#discussion_r1178071245
##########
components/camel-as2/camel-as2-component/src/test/java/org/apache/camel/component/as2/MendelsonCertLoader.java:
##########
@@ -0,0 +1,183 @@
+package org.apache.camel.component.as2;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.spec.InvalidKeySpecException;
+import java.util.ArrayList;
+import java.util.Base64;
+import java.util.List;
+
+import javax.net.ssl.SSLContext;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.http.conn.ssl.TrustAllStrategy;
+import org.apache.http.ssl.SSLContexts;
+
+/**
+ * That's a utility class for preparing Mendelson-specific certificate chain,
private key, ssl context
+ */
+public class MendelsonCertLoader {
Review Comment:
I'm not sure that the requested changes are in the scope of the ticket
CAMEL-17946. Maybe we need another ticket like "Provide versatile testing
harness for AS2 component".
Let me explain the situation. All the Mendelson-related classes are in the
test folder, they aren't part of AS2 JAR artifact. My idea was to provide a
basic mechanism so that interested persons can verify my results for HTTPS AS2
connection - scientific approach. I din't aim to provide a versatile mechanism.
Mendelson is almost the only public resource for testing, it was mentioned in
https://github.com/apache/camel/pull/8896 and not by me. It doesn't bring
something proprietary into the code base.
Important facts about Mendelson resource. It provides concrete type of
private key and keystore. And its certificate chain is degenerated - consists
of the only certificate. Furthermore, the same certificate chain is used for
encryption and signing.
The only Mendelson test method is @Disabled by default.
It is important to test AS2 connection to non-localhost server due to it's
the only way to test the behaviour of the new config param HostnameVerifier.
One other PRO: it was difficult to construct SSLContext from scratch for me.
If I could choose, I would prefer to have real-life code examples in the code
base.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
