i went through my post and got the code :)
public void configureHttpClient(org.apache.http.client.HttpClient
httpClient) {
try {
final BasicHttpParams httpParams = new
BasicHttpParams();
//if you want all host be rcognised irrespective of
ones in cert
HostnameVerifier hostnameVerifier =
org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
// load the keystore containing the client
certificate - keystore
// type is probably jks or pkcs12
final KeyStore keystore =
KeyStore.getInstance("jks");
InputStream keystoreInput = new FileInputStream(new
File(
"sslcerts/keystore.jks"));
keystore.load(keystoreInput,
"yourpassword".toCharArray());
// load the trustore, leave it null to rely on
cacerts distributed
// with the JVM - truststore type is probably jks or
pkcs12
KeyStore truststore = KeyStore.getInstance("jks");
InputStream truststoreInput = new
FileInputStream(new File(
"sslcerts/truststore.jks"));
truststore.load(truststoreInput,
"password".toCharArray());
SSLSocketFactory socketFactory = new
SSLSocketFactory(keystore,
"store password", truststore);
socketFactory
.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
httpClient.getConnectionManager().getSchemeRegistry().register(new
Scheme("https", socketFactory, 443));
} catch (Exception e) {
// TODO remove and add log into DB
e.printStackTrace();
}
}
}
useful debugging info if you are using karaf/smx
For turning on the ssl log in karaf which is mighty helpful i did add this
in java options section in karaf.bat
-Djavax.net.debug=all .This might not be correct way but it works and this
is the only way i could figure from internet :)
of course you have to modify this code and i neither approve/dissaprove the
use of your own trust store.
--
View this message in context:
http://camel.465427.n5.nabble.com/camel-http-to-call-https-service-does-not-import-certificates-automatically-tp5729413p5729552.html
Sent from the Camel - Users mailing list archive at Nabble.com.
