To do this, I just declare a bean like this: <bean id="allHostname" class="org.apache.http.conn.ssl.AllowAllHostnameVerifier
And then use it on the endpoint like this: ?x509HostnameVerifier=allHostname Works without any issues. Ryan On Fri, Jun 5, 2015, 5:48 PM jspyeatt <john.pye...@singlewire.com> wrote: > Like several similar posts I've seen I need to allow self-signed certs for > https4 (2.15.2). Mine isn't working. > > I've created an implementation of HttpClientConfigurer that allows any > host/cert. Below is the implementation of configureHttpClient(). > > @Override > public void configureHttpClient(HttpClientBuilder httpClientBuilder) { > log.debug("configureHttpClient()"); > try { > SSLContextBuilder builder = new SSLContextBuilder(); > builder.loadTrustMaterial(null, new TrustSelfSignedStrategy() { > @Override > * public boolean isTrusted(X509Certificate[] a, String b) > throws CertificateException { > log.debug("isTrusted() returns true"); > return true; > }* > }); > > SSLContext sslContext = builder.build(); > > SSLConnectionSocketFactory sslsf = new > SSLConnectionSocketFactory(sslContext, new > TrustEverythingHostnameVerifier()); > } catch (Exception e) { > log.error(e,e); > throw new IllegalStateException("Unable to configure > TrustingHttpClientConfigurer", e); > } > } > > > Then in an implementation of CameltestSupport I've overridden > createRegistry(). > @Override > protected JndiRegistry createRegistry() throws Exception { > JndiRegistry jndi = super.createRegistry(); > log.info("createRegistry()"); > > *jndi.bind("MyConfigurer", new TrustingHttpClientConfigurer());* > Object o = > jndi.lookup(TrustingHttpClientConfigurer.HTTP_CLIENT_CONFIGURER); > log.debug("object type: " + o.getClass().getCanonicalName()); > return jndi; > } > > Then in my createRouteBuilder() it contains... > > return new RouteBuilder() { > public void configure() { > > log.debug("CONFIGURE"); > * > HttpComponent httpComponent = > context.getComponent("https4", > HttpComponent.class); > httpComponent.setHttpClientConfigurer(new > TrustingHttpClientConfigurer()); > > log.info("CCC " + > context.getRegistry().lookupByName("MyConfigurer")); > > from("direct:start").transform(simple("FRED")).to("https4:// > 172.30.253.94:8444/services?httpClientConfigurer=#MyConfigurer";* > } > }; > > public void testSimple() throws Exception { > HttpComponent comp = > template.getCamelContext().getComponent("https4", HttpComponent.class); > * log.info("DDD " + > comp.getHttpClientConfigurer().getClass().getCanonicalName());* > template.sendBody("direct:start", "FRED"); > > } > > When the test runs I do get > *DDD com.singlewire.monte.eh.config.TrustingHttpClientConfigurer* which is > what I would expect. > > However test is failing with the obligatory > javax.net.ssl.SSLHandshakeException. This is what I would expect given that > the component isn't calling my version of isTrusted(X509Certificate[] a, > String b) created during > TrustingHttpClientConfigurer.configureHttpClient(). > I know this because I never see the debug message indicating that it was > called. > > > So it's as if during execution of my route the configurator is being > ignored. > > I've tried ?httpClientConfigurer=#MyConfigurer > I've tried ?httpClientConfigurer=MyConfigurer > > I've tried forcing things like this. > HttpComponent httpComponent = context.getComponent("https4", > HttpComponent.class); > httpComponent.setHttpClientConfigurer(new TrustingHttpClientConfigurer()); > > Nothing seems to work. Any guidance would be greatly appreciated. > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/https4-2-15-2-not-recognizing-my-httpClientConfigurer-endpoint-option-tp5767922.html > Sent from the Camel - Users mailing list archive at Nabble.com. >