dk2k commented on code in PR #9939: URL: https://github.com/apache/camel/pull/9939#discussion_r1178071245
########## components/camel-as2/camel-as2-component/src/test/java/org/apache/camel/component/as2/MendelsonCertLoader.java: ########## 
@@ -0,0 +1,183 @@ +package org.apache.camel.component.as2; + +import java.io.IOException; +import java.io.InputStream; +import java.nio.charset.StandardCharsets; +import java.security.KeyManagementException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.UnrecoverableKeyException; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.spec.InvalidKeySpecException; +import java.util.ArrayList; +import java.util.Base64; +import java.util.List; + +import javax.net.ssl.SSLContext; + +import org.apache.commons.io.IOUtils; +import org.apache.http.conn.ssl.TrustAllStrategy; +import org.apache.http.ssl.SSLContexts; + +/** + * That's a utility class for preparing Mendelson-specific certificate chain, private key, ssl context + */ +public class MendelsonCertLoader {

Review Comment: I'm not sure that the requested changes are in the scope of the ticket CAMEL-17946. Maybe we need another ticket like "Provide versatile testing harness for AS2 component". Let me explain the situation. All the Mendelson-related classes are in the test folder; they aren't part of the AS2 JAR artifact. My idea was to provide a basic mechanism so that interested persons can verify my results for an HTTPS AS2 connection - a scientific approach. I didn't aim to provide a versatile mechanism. Mendelson is almost the only public resource for testing; it was mentioned in https://github.com/apache/camel/pull/8896 and not by me. It doesn't bring anything proprietary into the code base. Important facts about the Mendelson resource: it provides a concrete type of private key and keystore, and its certificate chain is degenerate - it consists of only one certificate. Furthermore, the same certificate chain is used for encryption and signing. The only Mendelson test method is @Disabled by default.
It is important to test an AS2 connection to a non-localhost server because it's the only way to test the behaviour of the new config param HostnameVerifier. One other PRO: it was difficult for me to construct SSLContext from scratch. If I could choose, I would prefer to have real-life code examples in the code base.
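
Review bot: the import of org.apache.http.conn.ssl.TrustAllStrategy at the top of MendelsonCertLoader is not explained by the class Javadoc; if it is used to build the SSLContext, that context accepts any server certificate, and a reader taking this class as a reference example will not see that from the description. Please state in the Javadoc that the class is a test-only helper and whether certificate validation is disabled, and consider trusting only the Mendelson certificate loaded through the KeyStore and CertificateFactory imports instead of every certificate. The Javadoc would also read better opening with "Utility class for preparing ..." rather than "That's a utility class ...".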