camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Willem Jiang <willem.ji...@gmail.com>
Subject Re: Using HTTPS in camel-http when remote side has self-signed cert
Date Sat, 17 Oct 2009 03:44:13 GMT
Hi,

You can do some customer modification on the HttpClient through the 
CamelHttpClientConfigurer interface.

public class AcceptSelfSignCertHttpClientConfigure implements 
HttpClientConfigurer {

     public void configureHttpClient(HttpClient client) {
         // register the customer SSLFactory
         ProtocolSocketFactory easy = new EasySSLProtocolSocketFactory();
         Protocol protocol = new Protocol("https", easy, 8443);
         Protocol.registerProtocol("https", protocol);

     }
}

And configure the configure through the HTTP endpoint URI.

If you has another http client configuration , you can use the 
CompositeHttpConfigurer[1] to hold these configuration.

[1] 
https://svn.apache.org/repos/asf/camel/trunk/components/camel-http/src/main/java/org/apache/camel/component/http/CompositeHttpConfigurer.java

Willem


Scott Parkerson wrote:
> I'm trying to use Camel's HTTP component to send a POST request to a
> web service using HTTPS. When I attempt to connect, I get the
> following exception:
> 
> org.apache.camel.RuntimeCamelException:
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
>         at org.apache.camel.util.ObjectHelper.wrapRuntimeCamelException(ObjectHelper.java:850)
>         at org.apache.camel.impl.ProducerCache.send(ProducerCache.java:138)
>         at org.apache.camel.impl.DefaultProducerTemplate.send(DefaultProducerTemplate.java:101)
>         at org.apache.camel.impl.DefaultProducerTemplate.sendBody(DefaultProducerTemplate.java:105)
>         at org.apache.camel.impl.DefaultProducerTemplate.sendBody(DefaultProducerTemplate.java:121)
>         at org.apache.camel.impl.DefaultProducerTemplate.requestBody(DefaultProducerTemplate.java:201)
> [etc.]
> 
> I'm pretty sure that this is because the remote side is using a
> self-signed certificate.
> 
> The question is: is there a good way to replace the behavior SSL
> factory used by the Commons HTTPClient inside of the camel-http
> component to make it accept self-signed certificates? I see that the
> docs mention that you can provide a class that extends
> CamelHttpClientConfigurer and configure the endpoint to use a
> reference to that bean.
> 
> Ideas?
> 
> --sgp
> cf. http://www.smerpology.org/
> 


Mime
View raw message