[PR] CAMEL-23314: camel-opensearch - add SSLContextParameters support for TLS configuration [camel]

Mon, 13 Apr 2026 01:40:02 -0700 


oscerd opened a new pull request, #22578:
URL: https://github.com/apache/camel/pull/22578

   ## Summary
   
   Adds `SSLContextParameters` support to `camel-opensearch`, following the 
same pattern as other Camel components that expose TLS configuration 
(`camel-vertx-http`, `camel-kafka`, etc.). Users can now configure TLS 
protocols, cipher suites, named groups, and signature schemes instead of 
relying solely on the CA certificate path.
   
   ### Changes
   
   - **`OpensearchConfiguration`** - new `sslContextParameters` URI option 
(label `security`).
   - **`OpensearchComponent`** - now implements `SSLContextParametersAware`; 
exposes `sslContextParameters` and `useGlobalSslContextParameters` at component 
level. Propagates the component-level value to the endpoint configuration, 
falling back to the global `SSLContextParameters` when 
`useGlobalSslContextParameters=true`.
   - **`OpensearchProducer`** - the SSL setup in `createClient()` now prefers 
`SSLContextParameters` (via `createSSLContext(camelContext)`) when configured; 
falls back to `certificatePath` (existing behaviour), and finally to 
`SSLContext.getDefault()`.
   
   The existing certificate-path-only configuration continues to work as a 
fallback.
   
   ### Acceptance Criteria (from CAMEL-23314)
   
   - [x] Component supports SSLContextParameters configuration
   - [x] Named groups and signature schemes from SSLContextParameters are 
applied to TLS connections (via the underlying `SSLContext`)
   - [x] Existing certificate-path-only configuration still works as a fallback
   
   ## Test plan
   
   - [x] New \`OpensearchSslContextParametersTest\` (4 cases):
     - Configuration property round-trip
     - Component-level \`SSLContextParameters\` propagates to endpoint 
configuration
     - Global \`SSLContextParameters\` is used when 
\`useGlobalSslContextParameters=true\`
     - Component-level explicit value wins over the global one
   - [x] \`mvn test\` - 4/4 pass
   - [x] \`mvn -DskipTests install\` - catalog metadata regenerated 
(opensearch.json, configurers, endpoint URI factory)
   - [ ] CI will run the integration tests (require an OpenSearch container)
   
   ---
   _Claude Code on behalf of Andrea Cosentino_


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to