camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From santhosh <ramukhsohtna...@gmail.com>
Subject Re: camel http- to call https service does not import certificates automatically
Date Wed, 20 Mar 2013 17:28:41 GMT
i went through my post and got the code :)

public void configureHttpClient(org.apache.http.client.HttpClient
httpClient) {
               
                try {
                       
                        final BasicHttpParams httpParams = new
BasicHttpParams();

                        //if you want all host be rcognised irrespective of
ones in cert
                        HostnameVerifier hostnameVerifier =
org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

                        // load the keystore containing the client
certificate - keystore
                        // type is probably jks or pkcs12
                        final KeyStore keystore =
KeyStore.getInstance("jks");
                        InputStream keystoreInput = new FileInputStream(new
File(
                                        "sslcerts/keystore.jks"));
                       
                        keystore.load(keystoreInput,
"yourpassword".toCharArray());

                        // load the trustore, leave it null to rely on
cacerts distributed
                        // with the JVM - truststore type is probably jks or
pkcs12
                        KeyStore truststore = KeyStore.getInstance("jks");
                        InputStream truststoreInput = new
FileInputStream(new File(
                                        "sslcerts/truststore.jks"));
                       
                        truststore.load(truststoreInput,
"password".toCharArray());

                       
                        SSLSocketFactory socketFactory = new
SSLSocketFactory(keystore,
                                        "store password", truststore);
                        socketFactory
                                       
.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
                       
                       
httpClient.getConnectionManager().getSchemeRegistry().register(new
Scheme("https", socketFactory, 443));

                } catch (Exception e) {
                        // TODO remove and add log into DB
                        e.printStackTrace();
                }

        }
}

useful debugging info if you are using karaf/smx
For turning on the ssl log in karaf which is mighty helpful i did add this
in java options section in karaf.bat
-Djavax.net.debug=all .This  might not be correct way but it works and this
is the only way i could figure from internet :)

of course you have to modify this code and i neither approve/dissaprove the
use of your own trust store.





--
View this message in context: http://camel.465427.n5.nabble.com/camel-http-to-call-https-service-does-not-import-certificates-automatically-tp5729413p5729552.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Mime
View raw message