camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Magnus Palmér <magnus.palmer.w...@gmail.com>
Subject Re: Disable CertificateValidation when Routing to HTTPS endpoint
Date Tue, 02 Aug 2011 06:54:31 GMT
OK, forgot to post that I found solution to my problem, it is based on some
of postings I've found but unfortunately I don't remember which one.
Still, I had to modify it to get it to work for me so here is how I did it,
in case someone else runs into the same problem:
(javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated)
>
> In the Spring applicationContext.xml:
<bean id="myHttpClientConfigurerTrustAllCACerts"
class="packagename.HttpClientConfigurerTrustAllCACerts" />

And in my route:
https4:
example.org/webservice?httpClientConfigurer=myHttpClientConfigurerTrustAllCACerts

My httpClientConfigurer (excluding package declaration)

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.camel.component.http4.HttpClientConfigurer;
import org.apache.camel.component.http4.HttpComponent;

import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.log4j.Logger;

public class HttpClientConfigurerTrustAllCACerts implements
        HttpClientConfigurer {

    private final static Logger logger = Logger
            .getLogger(HttpClientConfigurerTrustAllCACerts.class);

    HttpComponent httpComponent;

    public HttpClientConfigurerTrustAllCACerts() {
    }

    public void configureHttpClient(org.apache.http.client.HttpClient
client) {
        X509TrustManager tm = new X509TrustManager() {

            public java.security.cert.X509Certificate[] getAcceptedIssuers()
{
                return null;
            }

            @Override
            public void checkClientTrusted(
                    java.security.cert.X509Certificate[] arg0, String arg1)
                    throws java.security.cert.CertificateException {

            }

            @Override
            public void checkServerTrusted(
                    java.security.cert.X509Certificate[] arg0, String arg1)
                    throws java.security.cert.CertificateException {

            }
        };
        try {
            SSLContext ctx = SSLContext.getInstance("SSL");
            ctx.init(null, new TrustManager[] { tm }, null);

            SSLSocketFactory ssf = new SSLSocketFactory(ctx,
                    SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
            ClientConnectionManager ccm = client.getConnectionManager();
            SchemeRegistry sr = ccm.getSchemeRegistry();
            sr.register(new Scheme("https4", 443, ssf));

        } catch (NoSuchAlgorithmException e) {
            logger.error(e);
        } catch (KeyManagementException e) {
            logger.error(e);
        }

    }

}




2011/6/22 Magnus Palmér <magnus.palmer.work@gmail.com>

> Hi,
>
> I was just about to ask a similiar question after being up all night trying
> to get my https4 URI to work.
>
> I get this:
>
>> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
>>
>
> There are several posts to be found via Google, some specific for Camel,
> and I've tried several others but must be missing something.
> Can't find a complete working example for self signed certificates though.
> I am at a loss right now after trying out a lot of different approaches.
> If anyone could point me in the right direction so I can get a fresh start
> again I will be most thankful.
> (Using Camel 2.7.2)
>
> Kind regards, Magnus Palmér
>
> P.S. Yes, I've seen this:
> http://camel.465427.n5.nabble.com/Using-HTTPS-in-camel-http-when-remote-side-has-self-signed-cert-td473876.html
> I've also read the http://camel.apache.org/http4.html
> Tried to make something out of the test sourcecode for http4 but so far
> failed.
> Also read this:
> http://stackoverflow.com/questions/5706166/apache-camel-http-and-ssl
>
>
> 2011/6/22 ychawla <premiergeneration@yahoo.com>
>
>> Does the server require a client certificate?  If so, you need to get the
>> Certificate Authority to provide you one.
>>
>> If the server just has an SSL Server certificate that is not in your
>> truststore, you can use HTTP conduit to configure your truststore to
>> accept
>> the certificate or add the certificate to your default truststore.
>>
>> More info on CXF and HTTP Conduit here:
>>
>>
>> http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
>>
>> --
>> View this message in context:
>> http://camel.465427.n5.nabble.com/Disable-CertificateValidation-when-Routing-to-HTTPS-endpoint-tp4431968p4512855.html
>> Sent from the Camel - Users mailing list archive at Nabble.com.
>>
>
>
>
> --
> --
> Brgds, Magnus Palmér
> +46736845680
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message