Dear community, I'm using Karaf 4.2.7 with Camel 3.0.0. For calling an external HTTPS resource I need to configure the truststore for the Camel HTTP component. See my blueprint route below
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"; xmlns:camel="http://camel.apache.org/schema/blueprint";> <!-- set JMS connection factory --> <bean id="jmsConnectionFactory" class="org.apache.activemq.ActiveMQConnectionFactory"> <property name="brokerURL" value="tcp://localhost:61616" /> <property name="userName" value="admin" /> <property name="password" value="xxxxx" /> </bean> <!-- set truststore --> <camel:sslContextParameters id="sslContextParameters"> <camel:keyManagers keyPassword="xxxxx"> <camel:keyStore resource="/home/ec2-user/casisp-runtime/apache-karaf-4.2.7/etc/truststore.jks" password="xxxxx" /> </camel:keyManagers> </camel:sslContextParameters> <camelContext id="isp.routes.system.deployment" xmlns="http://camel.apache.org/schema/blueprint";> <route id="isp.routes.system.deployment"> <from uri="file:/tmp/in?include=.*\.xml&moveFailed=error" /> <log message="isp.routes.system.deployment - Route started" /> <!-- set HTTP header values --> <setHeader name="CamelHttpMethod"> <constant>GET</constant> </setHeader> <setHeader name="Content-Type"> <constant>application/json</constant> </setHeader> <setHeader name="Authorization"> <constant>Basic xxxxx</constant> </setHeader> <toD uri='https://ec2-3-124-33-3.eu-central-1.compute.amazonaws.com:8080/api/v2/data/integrationservice?filter={"deployDev": true}&sslContextParameters=#sslContextParameters' /> <to uri="activemq:queue:IN" /> <log message="isp.routes.system.deployment.xml - Route finished" /> </route> </camelContext> </blueprint> The truststore contains 1 self signed PEM cert from the destination. Finally I'm still getting an error javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Do I still miss something? Is there any other way to configure a truststore globally for the HTTP component? Many thanks in advance for any comments and hints. Best - Gerald
