camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Willem Jiang <willem.ji...@gmail.com>
Subject Re: Certificate issues when upgrading from 2.8 to 2.10
Date Wed, 04 Dec 2013 02:30:29 GMT
Hi,

Can you try to use the last Camel version to verify the if the issue is still there?
We upgraded the httpClient 4.x version several times.

-- 
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (English)
          http://jnn.iteye.com (Chinese)
Twitter: willemjiang 
Weibo: 姜宁willem


On December 3, 2013 at 3:28:50 AM, rouble (r.ouble@gmail.com) wrote:
>
>Camel Gurus,
>
>I am running Camel 2.8, and to proxy a https web service I use
>the following simple route:
>from("servlet:///proxyWebService/api/?matchOnUriPrefix=true")
>.process(myProcessor)
>
>.to("https4://realWebService:8443/api/?bridgeEndpoint=true&throwExceptionOnFailure=false");
>
>This worked great in Camel 2.8. In camel 2.10, I am getting a "Certificate
>not verified" error. I have not changed anything in my code. I register the
>same trust manager as before. I noticed in the camel logs that in 2.10,
>instead of using https4, it is using plain https. Also, instead of proxying
>a GET, it is changing it to a POST. For instance here is the relevant line
>with 2.8:
>*[ http-bio-443-exec-16] HttpProducer DEBUG
>Executing http GET method:
>https4://example.com/foo?bridgeEndpoint=true&throwExceptionOnFailure=true
>*
>and with 2.10:
>*[ http-bio-443-exec-20] HttpProducer DEBUG
>Executing http POST method: https://example.com/foo
>*
>
>My client code is the same for both cases. But I notice in 2.10 it is not
>using https4 and using https. This seems wrong.
>
>Here are some more logs from the failing 2.10 scenario:
>http-bio-443-exec-20] HttpProducer DEBUG
>Starting producer: Producer[https4://
>example.com/foo?throwExceptionOnFailure=true&bridgeEndpoint=true]
>[ http-bio-443-exec-20] ProducerCache DEBUG
>Adding to producer cache with key: Endpoint[https4://
>example.com/foo?throwExceptionOnFailure=true&bridgeEndpoint=true] fo
>r producer: Producer[https4://
>example.com/foo?throwExceptionOnFailure=true&bridgeEndpoint=true]
>[ http-bio-443-exec-20] DefaultErrorHandler DEBUG
>Redelivery enabled: false on error handler:
>DefaultErrorHandler[Producer[https4://
>example.com/foo?throwExceptionOnFailure
>=true&bridgeEndpoint=true]]
>[ http-bio-443-exec-20] HttpProducer DEBUG The
>uri used by http request is https://example.com/foo
>[ http-bio-443-exec-20] HttpProducer DEBUG No
>Content-Type provided for URL: https://example.com/foo with exchange:
>Exchange[Message: SNIPPED]
>[ http-bio-443-exec-20] HttpProducer DEBUG
>Executing http POST method: https://example.com/foo
>[ http-bio-443-exec-20] ThreadSafeClientConnManager DEBUG Get
>connection: {s}->https://example.com, timeout = 0
>[ http-bio-443-exec-20] ConnPoolByRoute DEBUG [{s}->
>https://example.com] total kept alive: 0, total issued: 0, total allocated:
>0 out of 200
>[ http-bio-443-exec-20] ConnPoolByRoute DEBUG No
>free connections [{s}->https://example.com][null]
>[ http-bio-443-exec-20] ConnPoolByRoute DEBUG
>Available capacity: 20 out of 20 [{s}->https://example.com][null]
>[ http-bio-443-exec-20] ConnPoolByRoute DEBUG
>Creating new connection [{s}->https://example.com]
>[ http-bio-443-exec-20] efaultClientConnectionOperator DEBUG
>Connecting to example.com
>[ http-bio-443-exec-20] DefaultClientConnection DEBUG
>Connection org.apache.http.impl.conn.DefaultClientConnection@14b66e7 closed
>[ http-bio-443-exec-20] DefaultClientConnection DEBUG
>Connection org.apache.http.impl.conn.DefaultClientConnection@14b66e7 shut
>down
>[ http-bio-443-exec-20] ThreadSafeClientConnManager DEBUG
>Released connection is not reusable.
>[ http-bio-443-exec-20] ConnPoolByRoute DEBUG
>Releasing connection [{s}->https://example.com][null]
>[ http-bio-443-exec-20] DefaultClientConnection DEBUG
>Connection org.apache.http.impl.conn.DefaultClientConnection@14b66e7 closed
>[ http-bio-443-exec-20] ConnPoolByRoute DEBUG
>Notifying no-one, there are no waiting threads
>[ http-bio-443-exec-20] DefaultErrorHandler DEBUG
>Failed delivery for (MessageId: ID-apigw-hcmf-ws1-45019-1385508799740-0-3
>on ExchangeId: ID-apigw-hcmf-ws1-45019-1385508799740-0-4). On delivery
>attempt: 0 caught: javax.net.ssl.SSLException: Certificate not verified.
>[ http-bio-443-exec-20] TestExceptionHandler INFO
>TestExceptionHandler.process()
>[ http-bio-443-exec-20] TestExceptionHandler INFO
>Error-Certificate not verified. Certificate not verified.
>[ http-bio-443-exec-20] TestExceptionHandler INFO
>StackTrace--
>javax.net.ssl.SSLException: Certificate not verified.
>at com.rsa.sslj.x.aE.b(Unknown Source)
>at com.rsa.sslj.x.aE.a(Unknown Source)
>at com.rsa.sslj.x.aE.a(Unknown Source)
>at com.rsa.sslj.x.aP.c(Unknown Source)
>at com.rsa.sslj.x.aP.a(Unknown Source)
>at com.rsa.sslj.x.aP.h(Unknown Source)
>at com.rsa.sslj.x.cz.startHandshake(Unknown Source)
>at
>org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:534)
>
>
>tia,
>rouble
>


Mime
View raw message