[
https://issues.apache.org/activemq/browse/CAMEL-2625?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ashwin Karpe updated CAMEL-2625:
--------------------------------
Attachment: CAMEL-2625-camel-netty.zip
CAMEL-2625-Netty-Patch.diff
Hi Claus & Gareth,
I have attached a patch and zip file containing the updated camel-netty
component.
I have made the changes to the SSL functionality you requested. I have also
made the Keystore Format and Security Provider configurable.
As for the final issue, I am not quite sure on how to reproduce it and need
further guidance.
I have performed the checkstyle checks and tested the code to see whether all
the tests go through.... Could you please review and let me know if I can go
ahead and commit this patch.
Cheers,
Ashwin...
> Improvements and minor change requests to camel-netty
> -----------------------------------------------------
>
> Key: CAMEL-2625
> URL: https://issues.apache.org/activemq/browse/CAMEL-2625
> Project: Apache Camel
> Issue Type: Improvement
> Reporter: Ashwin Karpe
> Assignee: Ashwin Karpe
> Fix For: 2.3.0
>
> Attachments: CAMEL-2625-camel-netty.zip, CAMEL-2625-Netty-Patch.diff
>
>
> (Request by Gareth Collins via nabble request...)
> Would it be possible to make the TrustManager optional for Netty SSL support?
> I made a change in my local version of camel-netty and it works for me (file
> org.apache.camel.component.netty.ssl.SSLEngineFactory - replacement for the
> original SSLEngineFactory constructor):
> public SSLEngineFactory(File keyStoreFile, File trustStoreFile, char[]
> passphrase) throws Exception {
> super();
>
> KeyStore ks = KeyStore.getInstance("JKS");
>
> ks.load(IOConverter.toInputStream(keyStoreFile), passphrase);
>
> KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
> kmf.init(ks, passphrase);
>
> sslContext = SSLContext.getInstance(SSL_PROTOCOL);
>
>
> if (trustStoreFile != null)
> {
>
> KeyStore ts = KeyStore.getInstance("JKS");
> ts.load(IOConverter.toInputStream(trustStoreFile), passphrase);
> TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
> tmf.init(ts);
> sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
> }
> else
> {
> sslContext.init(kmf.getKeyManagers(), null, null);
> }
> }
> I ask for this as I have to contact a server where SSL will not work properly
> if a TrustManager is installed. If this could go in before CAMEL 2.3 it would
> be much appreciated.
> A couple of questions about the netty implementation:
> (1) Is there a reason why JKS was hardcoded here, rather than allowing the
> key store format to be configured?
> (2) When I add the TrustManager using netty for the connection where it could
> not be used, netty throws me no exception, the connection remains open, but
> the messages I send do not get to the server. If I connect directly using an
> SSLSocket I see a javax.net.ssl.SSLHandshakeException. Is there something I
> am missing here?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
