camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Siano, Stephan" <stephan.si...@sap.com>
Subject RE: camel http- to call https service does not import certificates automatically
Date Wed, 20 Mar 2013 05:49:24 GMT
Hi,

Why would you even want to import certificates automatically? This is absolutely not the way
TLS/SSL (and the whole X.509 stuff) is supposed to work. Automatically importing SSL certificates
will open up your communication to active (man-in-the-middle) attacks.

What you probably want to do if you are communicating with different servers is to import
the Root-CA certificate where the signing chain of the server certificates start. If the server
certificates are properly signed, manually importing that root certificate instead of each
single server certificate is sufficient.

Best regards
Stephan

-----Original Message-----
From: preety somani [mailto:preety.somani@i-exceed.com] 
Sent: Mittwoch, 20. März 2013 06:07
To: users@camel.apache.org
Subject: Re: camel http- to call https service does not import certificates automatically

Hi,

  can you tel me what I need to add to import the certificate
automatically?Also, it hits the https service only when the certificate is
manually imported to the java cacerts file and not my user defined keystore.
Can you tel me what I am doing wrong

Thanks,
Preety



--
View this message in context: http://camel.465427.n5.nabble.com/camel-http-to-call-https-service-does-not-import-certificates-automatically-tp5729413p5729467.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Mime
View raw message