To do this, I just declare a bean like this:

<bean id="allHostname"
      class="org.apache.http.conn.ssl.AllowAllHostnameVerifier"/>

And then use it on the endpoint like this:

?x509HostnameVerifier=allHostname

Works without any issues.

Ryan

On Fri, Jun 5, 2015, 5:48 PM jspyeatt <john.pye...@singlewire.com> wrote:

> Like several similar posts I've seen I need to allow self-signed certs for
> https4 (2.15.2).  Mine isn't working.
>
> I've created an implementation of HttpClientConfigurer that allows any
> host/cert. Below is the implementation of configureHttpClient().
>
>     @Override
>     public void configureHttpClient(HttpClientBuilder httpClientBuilder) {
>         log.debug("configureHttpClient()");
>         try {
>             SSLContextBuilder builder = new SSLContextBuilder();
>             builder.loadTrustMaterial(null, new TrustSelfSignedStrategy() {
>                 @Override
>                 public boolean isTrusted(X509Certificate[] a, String b) throws CertificateException {
>                     log.debug("isTrusted() returns true");
>                     return true;
>                 }
>             });
>
>             SSLContext sslContext = builder.build();
>
>             SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new TrustEverythingHostnameVerifier());
>         } catch (Exception e) {
>             log.error(e,e);
>             throw new IllegalStateException("Unable to configure TrustingHttpClientConfigurer", e);
>         }
>     }
>
>
> Then in an implementation of CamelTestSupport I've overridden
> createRegistry().
>     @Override
>     protected JndiRegistry createRegistry() throws Exception {
>         JndiRegistry jndi = super.createRegistry();
>         log.info("createRegistry()");
>
>         jndi.bind("MyConfigurer", new TrustingHttpClientConfigurer());
>         Object o = jndi.lookup(TrustingHttpClientConfigurer.HTTP_CLIENT_CONFIGURER);
>         log.debug("object type: " + o.getClass().getCanonicalName());
>         return jndi;
>     }
>
> Then in my createRouteBuilder() it contains...
>
>         return new RouteBuilder() {
>             public void configure() {
>
>                 log.debug("CONFIGURE");
>                 HttpComponent httpComponent = context.getComponent("https4", HttpComponent.class);
>                 httpComponent.setHttpClientConfigurer(new TrustingHttpClientConfigurer());
>
>                 log.info("CCC " + context.getRegistry().lookupByName("MyConfigurer"));
>
>                 from("direct:start").transform(simple("FRED")).to("https4://172.30.253.94:8444/services?httpClientConfigurer=#MyConfigurer");
>             }
>         };
>
>     public void testSimple() throws Exception {
>         HttpComponent comp = template.getCamelContext().getComponent("https4", HttpComponent.class);
>         log.info("DDD " + comp.getHttpClientConfigurer().getClass().getCanonicalName());
>         template.sendBody("direct:start", "FRED");
>
>     }
>
> When the test runs I do get
> *DDD com.singlewire.monte.eh.config.TrustingHttpClientConfigurer* which is
> what I would expect.
>
> However, the test is failing with the obligatory
> javax.net.ssl.SSLHandshakeException. This is what I would expect given that
> the component isn't calling my version of isTrusted(X509Certificate[] a,
> String b) created during
> TrustingHttpClientConfigurer.configureHttpClient().
> I know this because I never see the debug message indicating that it was
> called.
>
>
> So it's as if during execution of my route the configurator is being
> ignored.
>
> I've tried ?httpClientConfigurer=#MyConfigurer
> I've tried ?httpClientConfigurer=MyConfigurer
>
> I've tried forcing things like this.
> HttpComponent httpComponent = context.getComponent("https4", HttpComponent.class);
> httpComponent.setHttpClientConfigurer(new TrustingHttpClientConfigurer());
>
> Nothing seems to work. Any guidance would be greatly appreciated.
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/https4-2-15-2-not-recognizing-my-httpClientConfigurer-endpoint-option-tp5767922.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
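
Added example, not part of the original thread or of the Camel project's own code: a Spring XML configuration in which the https4 endpoint trusts only the server's own self-signed certificate through Camel's JSSE sslContextParameters, shown beside the AllowAllHostnameVerifier bean from the reply, which accepts any hostname. The truststore path, password, alias, bean ids and host name are placeholders, and the sslContextParametersRef option name is an assumption based on the Camel 2.x http4 documentation that should be checked against the version in use.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:camel="http://camel.apache.org/schema/spring"
       xsi:schemaLocation="
         http://www.springframework.org/schema/beans
         http://www.springframework.org/schema/beans/spring-beans.xsd
         http://camel.apache.org/schema/spring
         http://camel.apache.org/schema/spring/camel-spring.xsd">

  <!-- Weak setting from the thread, kept here only for comparison: every
       hostname is accepted, so the certificate is never matched against
       the server being called.
  <bean id="allHostname"
        class="org.apache.http.conn.ssl.AllowAllHostnameVerifier"/>
  -->

  <!-- Corrected setting: a truststore holding only the server's self-signed
       certificate. Built once with keytool (placeholder names):
         keytool -importcert -alias my-server -file server.crt
                 -keystore truststore.jks -storepass changeit
       No x509HostnameVerifier is set on the endpoint, so the default
       verifier still requires the certificate's name to match the URI host. -->
  <camel:sslContextParameters id="pinnedSslContext">
    <camel:trustManagers>
      <camel:keyStore resource="/path/to/truststore.jks" password="changeit"/>
    </camel:trustManagers>
  </camel:sslContextParameters>

  <camel:camelContext>
    <camel:route>
      <camel:from uri="direct:start"/>
      <!-- Placeholder host; it must match a name in the imported certificate. -->
      <camel:to uri="https4://server.example.test:8444/services?sslContextParametersRef=pinnedSslContext"/>
    </camel:route>
  </camel:camelContext>
</beans>
```

With this configuration a handshake succeeds only against a server presenting the imported certificate, and any other certificate still ends in SSLHandshakeException.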
