[ https://issues.apache.org/jira/browse/CAMEL-19022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17685810#comment-17685810 ]
Tapio Piironen commented on CAMEL-19022: ---------------------------------------- Thank you. It was about file: -addition to this. So need to add file: before true keystore location. Thank you for the help! > Camel-blueprint sslContextParameters and camel-ldap and camel-http(s) - no > custom trust is loaded > ------------------------------------------------------------------------------------------------- > > Key: CAMEL-19022 > URL: https://issues.apache.org/jira/browse/CAMEL-19022 > Project: Camel > Issue Type: Bug > Components: camel-blueprint, camel-http, camel-ldap > Affects Versions: 3.20.0, 3.20.1, 3.20.2 > Environment: Camel 3.20.2 > Karaf 4.4.3 > OpenJDK 17 > RedHat Linux 9 > Reporter: Tapio Piironen > Assignee: Grzegorz Grzybek > Priority: Major > > 1) camel-ldap problem: > In blueprint style camel config trust is not loaded after 3.20 camel. 3.18.5 > still loads custom trust. > Followed instructions in > [https://camel.apache.org/components/3.20.x/ldap-component.html] > Blueprint that fails to load trust is following: > <sslContextParameters xmlns="http://camel.apache.org/schema/blueprint" > id="sslContextParameters"> <keyManagers keyPassword="\{{keystore.pwd}}"> > <keyStore resource="\{{keystore.url}}" password="\{{keystore.pwd}}"/> > </keyManagers> </sslContextParameters> <bean id="customSocketFactory" > class="zotix.co.util.CustomSocketFactory"> <argument > ref="sslContextParameters" /> </bean> > CustomSocketFactory the same as in ldap-component documentation. > Documentation loads keyManager as trustManager (which might be better to be > fixed in documentation but anyways). > > 2) camel-http(s) problem is about client certificate insertion . There > sslContextParameters are included in sslcontextparams and camel-https call > like: > <sslContextParameters > id="sslContextParameters"> > <keyManagers > keyPassword="\{{pwd}}"> > <keyStore > resource="\{{jks.location}}" > password="\{{password}}"/> > </keyManagers> > <serverParameters > clientAuthentication="WANT"/> > <clientParameters> > <cipherSuitesFilter> > <camel:include>.*</camel:include> > </cipherSuitesFilter> > </clientParameters> > </sslContextParameters> > and the final call via: > <to > uri="https://\{{server}}?httpClient.connectionRequestTimeout=10000&httpClient.socketTimeout=30000&sslContextParameters=#sslContextParameters"/> > in this case we get denial from server as handshake_failure . > > Is configuring changed in 3.20 or is this a bug? -- This message was sent by Atlassian Jira (v8.20.10#820010)