Return-Path: X-Original-To: apmail-camel-users-archive@www.apache.org Delivered-To: apmail-camel-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 34635D74A for ; Mon, 27 May 2013 17:09:18 +0000 (UTC) Received: (qmail 35241 invoked by uid 500); 27 May 2013 17:09:17 -0000 Delivered-To: apmail-camel-users-archive@camel.apache.org Received: (qmail 34925 invoked by uid 500); 27 May 2013 17:09:17 -0000 Mailing-List: contact users-help@camel.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@camel.apache.org Delivered-To: mailing list users@camel.apache.org Received: (qmail 34897 invoked by uid 99); 27 May 2013 17:09:16 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 27 May 2013 17:09:16 +0000 X-ASF-Spam-Status: No, hits=2.3 required=5.0 tests=SPF_SOFTFAIL,URI_HEX X-Spam-Check-By: apache.org Received-SPF: softfail (nike.apache.org: transitioning domain of ryan_ternier@hotmail.com does not designate 216.139.236.26 as permitted sender) Received: from [216.139.236.26] (HELO sam.nabble.com) (216.139.236.26) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 27 May 2013 17:09:10 +0000 Received: from [192.168.236.26] (helo=sam.nabble.com) by sam.nabble.com with esmtp (Exim 4.72) (envelope-from ) id 1Uh0ug-0001u9-0T for users@camel.apache.org; Mon, 27 May 2013 10:08:50 -0700 Date: Mon, 27 May 2013 10:08:50 -0700 (PDT) From: RTernier To: users@camel.apache.org Message-ID: <1369674529994-5733275.post@n5.nabble.com> In-Reply-To: References: <1369170494996-5732925.post@n5.nabble.com> <1369238956522-5732972.post@n5.nabble.com> <1369435783709-5733138.post@n5.nabble.com> Subject: RE: SSL : Server Certs and Client certificate passthrough MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org There might be some lingo confusion - I've been a .NET guy for 13 years who was thrown into a Java/Apache world where I have 0 experience. When a client accesses our web services, they are accessed over TCP port 443 - where SSL is required. The servers have their own SSL (x509) certificate for encryption, however they also force client certificates - not for encryption but for authentication. For example: If I see that a person is sending in a message with the following certificate "XXXX_HD1", I will want to pull up a certificate from the store that corresponds to that certificate and pass that along when I forward the message to another web service. I also might want to use a different certificate if I need to forward it to another service. This is the current architecture for this government agency, and it's not going to change. -- View this message in context: http://camel.465427.n5.nabble.com/SSL-Server-Certs-and-Client-certificate-passthrough-tp5732925p5733275.html Sent from the Camel - Users mailing list archive at Nabble.com.