[jira] [Commented] (CAMEL-19022) Camel-blueprint sslContextParameters and camel-ldap and camel-http(s) - no custom trust is loaded

Wed, 08 Feb 2023 01:51:12 -0800 


    [ 
https://issues.apache.org/jira/browse/CAMEL-19022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17685810#comment-17685810
 ] 

Tapio Piironen commented on CAMEL-19022:
----------------------------------------

Thank you. It was about file: -addition to this. So need to add file: before 
true keystore location. Thank you for the help! 

> Camel-blueprint sslContextParameters and camel-ldap and camel-http(s) - no 
> custom trust is loaded
> -------------------------------------------------------------------------------------------------
>
>                 Key: CAMEL-19022
>                 URL: https://issues.apache.org/jira/browse/CAMEL-19022
>             Project: Camel
>          Issue Type: Bug
>          Components: camel-blueprint, camel-http, camel-ldap
>    Affects Versions: 3.20.0, 3.20.1, 3.20.2
>         Environment: Camel 3.20.2 
> Karaf 4.4.3
> OpenJDK 17
> RedHat Linux 9
>            Reporter: Tapio Piironen
>            Assignee: Grzegorz Grzybek
>            Priority: Major
>
> 1) camel-ldap problem:
> In blueprint style camel config trust is not loaded after 3.20 camel. 3.18.5 
> still loads custom trust.
> Followed instructions in 
> [https://camel.apache.org/components/3.20.x/ldap-component.html]
> Blueprint that fails to load trust is following:
> <sslContextParameters xmlns="http://camel.apache.org/schema/blueprint"; 
> id="sslContextParameters"> <keyManagers keyPassword="\{{keystore.pwd}}"> 
> <keyStore resource="\{{keystore.url}}" password="\{{keystore.pwd}}"/> 
> </keyManagers> </sslContextParameters> <bean id="customSocketFactory" 
> class="zotix.co.util.CustomSocketFactory"> <argument 
> ref="sslContextParameters" /> </bean>
> CustomSocketFactory the same as in ldap-component documentation. 
> Documentation loads keyManager as trustManager (which might be better to be 
> fixed in documentation but anyways).
>  
> 2) camel-http(s) problem is about client certificate insertion . There 
> sslContextParameters are included in sslcontextparams and camel-https call 
> like:
>  <sslContextParameters
>             id="sslContextParameters">
>         <keyManagers
>                 keyPassword="\{{pwd}}">
>             <keyStore
>                     resource="\{{jks.location}}"
>                     password="\{{password}}"/>
>         </keyManagers>
>         <serverParameters
>                 clientAuthentication="WANT"/>
>         <clientParameters>
>             <cipherSuitesFilter>
>                 <camel:include>.*</camel:include>
>             </cipherSuitesFilter>
>         </clientParameters>
>     </sslContextParameters>
> and the final call via:
> <to 
> uri="https://\{{server}}?httpClient.connectionRequestTimeout=10000&amp;httpClient.socketTimeout=30000&amp;sslContextParameters=#sslContextParameters"/>
> in this case we get denial from server as handshake_failure .
>  
> Is configuring changed in 3.20 or is this a bug?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to