Re: Jetty HTTPS 2way

2015-04-09 Thread garethahealy 
Hi Willem,

I am using Fuse 6.1-redhat-379.

Cheers.



--
View this message in context: 
http://camel.465427.n5.nabble.com/Jetty-HTTPS-2way-tp5765296p5765502.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Re: Jetty HTTPS 2way

2015-04-09 Thread Willem Jiang 
Which of CXF version are you using?

If I remember right CXF fix some SSLv3 issue last year within the version of 
2.7.x, I’m not sure if it can cause the issue that you faced.


--  
Willem Jiang

Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.iteye.com (Chinese)
Twitter: willemjiang  
Weibo: 姜宁willem



On April 7, 2015 at 4:35:14 PM, garethahealy (garethahe...@gmail.com) wrote:
 Hi Willem,
  
 Switched to camel-http4 and works.
  
 Cheers.
  
  
  
 --
 View this message in context: 
 http://camel.465427.n5.nabble.com/Jetty-HTTPS-2way-tp5765296p5765431.html  
 Sent from the Camel - Users mailing list archive at Nabble.com.

Re: Jetty HTTPS 2way

2015-04-07 Thread garethahealy 
Hi Willem,

Switched to camel-http4 and works. 

Cheers.



--
View this message in context: 
http://camel.465427.n5.nabble.com/Jetty-HTTPS-2way-tp5765296p5765431.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Re: Jetty HTTPS 2way

2015-04-06 Thread Willem Jiang 
It looks like some thing is wrong when doing the TLSv1.2 Handshake. 
Can you try to use camel-http or camel-http4 to do the same thing?

--  
Willem Jiang

Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.iteye.com (Chinese)
Twitter: willemjiang  
Weibo: 姜宁willem



On April 4, 2015 at 4:17:21 AM, garethahealy (garethahe...@gmail.com) wrote:
 I am trying to make a rest call, via HTTPS and have 2way auth. I originally
 tried to do this with CXF[1], but due to an issue with the conduit not
 attaching, have moved to a jetty endpoint.
  
 I have the below config for the jetty endpoint:
  
  class=org.apache.camel.util.jsse.KeyStoreParameters
  value=${http.certs.location}/client-keystore.jks/
  
  
  
  class=org.apache.camel.util.jsse.KeyStoreParameters
  value=${http.certs.location}/client-truststore.jks/
  
  
  
  class=org.apache.camel.util.jsse.TrustManagersParameters
  
  
  
  class=org.apache.camel.util.jsse.KeyManagersParameters
  
  
  
  
  class=org.apache.camel.util.jsse.SSLContextParameters
  
  
  
  
  class=org.apache.camel.component.jetty.JettyHttpComponent
  
  
  
 And make the call as per:
  
  
  
  uri=jetty://{{fuse.rest.transport}}://{{fuse.rest.host}}:{{fuse.rest.port}}/rest/fuse/

  
 But i still get cert issues. I know the certs are correct and that i am
 pointing to the correct stores as i have a simple java class that proves
 this works. I've put SSL in debug[2], but am not sure what a lot of it
 means. The main thing that sticks out is:
  
 CamelJettyClient(0x73d8db54)-4716, WRITE: TLSv1.2 Handshake, length = 48
 CamelJettyClient(0x73d8db54)-4712, called closeInbound()
 CamelJettyClient(0x73d8db54)-4712, fatal error: 80: Inbound closed before
 receiving peer's close_notify: possible truncation attack?
 javax.net.ssl.SSLException: Inbound closed before receiving peer's
 close_notify: possible truncation attack?
 %% Invalidated: [Session-35, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA]
  
 This is for camel 2.12.
  
 Have i missed something on the config side?
  
 [1]
 http://cxf.547215.n5.nabble.com/Camel-CXF-HTTPS-http-tlsClientParameters-not-attaching-td5755601.html
   
 [2] https://gist.github.com/garethahealy/014fcfe6d59eb53b
  
  
  
 --
 View this message in context: 
 http://camel.465427.n5.nabble.com/Jetty-HTTPS-2way-tp5765296.html  
 Sent from the Camel - Users mailing list archive at Nabble.com.