Mailing-List: contact dev-help@camel.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@camel.apache.org
Message-ID: <17927057.13431271339024776.JavaMail.jira@thor>
Date: Thu, 15 Apr 2010 09:43:44 -0400 (EDT)
From: "Ashwin Karpe (JIRA)" <jira@apache.org>
To: camel-dev@activemq.apache.org
Subject: [jira] Commented: (CAMEL-2625) Improvements and minor change
 requests to camel-netty
In-Reply-To: <1845967596.14771270778948540.JavaMail.jira@brutus.apache.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit


    [ https://issues.apache.org/activemq/browse/CAMEL-2625?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=58875#action_58875 ] 

Ashwin Karpe commented on CAMEL-2625:
-------------------------------------

Hi Claus,

I have updated the WIKI with the 2 setting and am marking this issue as resolved.

Cheers,

Ashwin...

> Improvements and minor change requests to camel-netty
> -----------------------------------------------------
>
>                 Key: CAMEL-2625
>                 URL: https://issues.apache.org/activemq/browse/CAMEL-2625
>             Project: Apache Camel
>          Issue Type: Improvement
>            Reporter: Ashwin Karpe
>            Assignee: Ashwin Karpe
>             Fix For: 2.3.0
>
>         Attachments: CAMEL-2625-Netty.patch, CAMEL-2625-netty.zip
>
>
> (Request by Gareth Collins via nabble request...)
> Would it be possible to make the TrustManager optional for Netty SSL support? I made a change in my local version of camel-netty and it works for me (file org.apache.camel.component.netty.ssl.SSLEngineFactory - replacement for the original SSLEngineFactory constructor): 
> public SSLEngineFactory(File keyStoreFile, File trustStoreFile, char[] passphrase) throws Exception { 
>         super();         
>         
>         KeyStore ks = KeyStore.getInstance("JKS"); 
>         
>         ks.load(IOConverter.toInputStream(keyStoreFile), passphrase); 
>         
>         KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); 
>         kmf.init(ks, passphrase); 
>         
>         sslContext = SSLContext.getInstance(SSL_PROTOCOL); 
>         
>         
>         if (trustStoreFile != null) 
>         { 
>         
>         KeyStore ts = KeyStore.getInstance("JKS"); 
>         ts.load(IOConverter.toInputStream(trustStoreFile), passphrase); 
>         TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); 
>         tmf.init(ts); 
>         sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); 
>         } 
>         else 
>         { 
>         sslContext.init(kmf.getKeyManagers(), null, null); 
>         } 
>     } 
> I ask for this as I have to contact a server where SSL will not work properly if a TrustManager is installed. If this could go in before CAMEL 2.3 it would be much appreciated. 
> A couple of questions about the netty implementation: 
> (1) Is there a reason why JKS was hardcoded here, rather than allowing the key store format to be configured? 
> (2) When I add the TrustManager using netty for the connection where it could not be used, netty throws me no exception, the connection remains open, but the messages I send do not get to the server. If I connect directly using an SSLSocket I see a javax.net.ssl.SSLHandshakeException. Is there something I am missing here?

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/activemq/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira