Return-Path: X-Original-To: apmail-camel-users-archive@www.apache.org Delivered-To: apmail-camel-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 88FEF17D1E for ; Mon, 6 Apr 2015 06:36:49 +0000 (UTC) Received: (qmail 40477 invoked by uid 500); 6 Apr 2015 06:36:49 -0000 Delivered-To: apmail-camel-users-archive@camel.apache.org Received: (qmail 40422 invoked by uid 500); 6 Apr 2015 06:36:49 -0000 Mailing-List: contact users-help@camel.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@camel.apache.org Delivered-To: mailing list users@camel.apache.org Received: (qmail 40410 invoked by uid 99); 6 Apr 2015 06:36:48 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Apr 2015 06:36:48 +0000 X-ASF-Spam-Status: No, hits=1.6 required=5.0 tests=FREEMAIL_REPLY,RCVD_IN_DNSWL_LOW,SPF_PASS,URI_HEX X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of willem.jiang@gmail.com designates 209.85.213.171 as permitted sender) Received: from [209.85.213.171] (HELO mail-ig0-f171.google.com) (209.85.213.171) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Apr 2015 06:36:44 +0000 Received: by igcau2 with SMTP id au2so14609546igc.1 for ; Sun, 05 Apr 2015 23:36:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:message-id:in-reply-to:references:subject:mime-version :content-type:content-transfer-encoding:content-disposition; bh=8c5BQv/uKAs7hRUcFESYIJkdJVAkEJexIP3X38qu/fY=; b=FKZj09Xt7bfV3JUaQBKXWcTaTDAbl5VTefbfkZ7t+pwMZS1aPbTABX2rrUXC+DtTUB GXmE1oddVcJjheF/W7sS8Wieh4cPZSTfbDxh4YfX8rMv/iljrjnmTg2qZTJvWNfWRbbp l35sgA7M0PIc0s5qmXsNXO9nQdNkRv3vMXUEi1MKWiN0ewwQPAdEOjx0xmjlxd+z1XOj L9kk/1NdKW3D2Lt1ORl9QYWf+Ho58ZgJtZ+mAgGx62xF4WbZ9fVyyfxKKK3pn1fkZECl RtTaAkWNlY/2pkQkA0X9BKd9IeZf5BuTuKhZIidHz7f6Dh2ZLJwU2bgE90W9qIfzwhcn WNKw== X-Received: by 10.50.117.4 with SMTP id ka4mr628011igb.10.1428302184060; Sun, 05 Apr 2015 23:36:24 -0700 (PDT) Received: from localhost ([123.115.79.96]) by mx.google.com with ESMTPSA id j2sm2302583ioi.8.2015.04.05.23.36.20 for (version=TLSv1.2 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 05 Apr 2015 23:36:20 -0700 (PDT) Date: Mon, 6 Apr 2015 14:35:55 +0800 From: Willem Jiang To: users@camel.apache.org Message-ID: In-Reply-To: <1428092154889-5765296.post@n5.nabble.com> References: <1428092154889-5765296.post@n5.nabble.com> Subject: Re: Jetty HTTPS 2way X-Mailer: Airmail (249) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Virus-Checked: Checked by ClamAV on apache.org It looks like some thing is wrong when doing the TLSv1.2 Handshake.=C2=A0= Can you try to use camel-http or camel-http4 to do the same thing=3F -- =20 Willem Jiang Red Hat, Inc. Web: http://www.redhat.com Blog: http://willemjiang.blogspot.com (English) http://jnn.iteye.com (Chinese) Twitter: willemjiang =20 Weibo: =E5=A7=9C=E5=AE=81willem On April 4, 2015 at 4:17:21 AM, garethahealy (garethahealy=40gmail.com) w= rote: > I am trying to make a rest call, via HTTPS and have 2way auth. I origin= ally > tried to do this with CX=46=5B1=5D, but due to an issue with the condui= t not > attaching, have moved to a jetty endpoint. > =20 > I have the below config for the jetty endpoint: > =20 > > class=3D=22org.apache.camel.util.jsse.KeyStoreParameters=22> > > value=3D=22=24=7Bhttp.certs.location=7D/client-keystore.jks=22/> > =20 > =20 > =20 > > class=3D=22org.apache.camel.util.jsse.KeyStoreParameters=22> > > value=3D=22=24=7Bhttp.certs.location=7D/client-truststore.jks=22/> > =20 > =20 > =20 > > class=3D=22org.apache.camel.util.jsse.TrustManagersParameters=22> > =20 > =20 > =20 > > class=3D=22org.apache.camel.util.jsse.KeyManagersParameters=22> > =20 > =20 > =20 > =20 > > class=3D=22org.apache.camel.util.jsse.SSLContextParameters=22> > =20 > =20 > =20 > =20 > > class=3D=22org.apache.camel.component.jetty.JettyHttpComponent=22> > =20 > =20 > =20 > And make the call as per: > =20 > =20 > =20 > > uri=3D=22jetty://=7B=7Bfuse.rest.transport=7D=7D://=7B=7Bfuse.rest.ho= st=7D=7D:=7B=7Bfuse.rest.port=7D=7D/rest/fuse=22/> =20 > =20 > But i still get cert issues. I know the certs are correct and that i am= > pointing to the correct stores as i have a simple java class that prove= s > this works. I've put SSL in debug=5B2=5D, but am not sure what a lot of= it > means. The main thing that sticks out is: > =20 > CamelJettyClient(0x73d8db54)-4716, WRITE: TLSv1.2 Handshake, length =3D= 48 > CamelJettyClient(0x73d8db54)-4712, called closeInbound() > CamelJettyClient(0x73d8db54)-4712, fatal error: 80: Inbound closed befo= re > receiving peer's close=5Fnotify: possible truncation attack=3F > javax.net.ssl.SSLException: Inbound closed before receiving peer's > close=5Fnotify: possible truncation attack=3F > %% Invalidated: =5BSession-35, TLS=5FECDHE=5FRSA=5FWITH=5F3DES=5FEDE=5F= CBC=5FSHA=5D > =20 > This is for camel 2.12. > =20 > Have i missed something on the config side=3F > =20 > =5B1=5D > http://cxf.547215.n5.nabble.com/Camel-CX=46-HTTPS-http-tlsClientParamet= ers-not-attaching-td5755601.html =20 > =5B2=5D https://gist.github.com/garethahealy/0144444fcfe6d59eb53b > =20 > =20 > =20 > -- > View this message in context: http://camel.465427.n5.nabble.com/Jetty-H= TTPS-2way-tp5765296.html =20 > Sent from the Camel - Users mailing list archive at Nabble.com. > =20