(camel-k-examples) branch main updated: (#98) NettySecureServer may not be able to access keystore

pcongiusti Mon, 10 Jun 2024 02:00:41 -0700

This is an automated email from the ASF dual-hosted git repository.

pcongiusti pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-k-examples.git



The following commit(s) were added to refs/heads/main by this push:
     new 36ae20a  (#98) NettySecureServer may not be able to access keystore
36ae20a is described below

commit 36ae20a60d977bf0d18a9c92f6d5554c8c693db7
Author: Thomas Diesler <[email protected]>
AuthorDate: Mon Jun 10 10:30:09 2024 +0200

    (#98) NettySecureServer may not be able to access keystore
---
 generic-examples/http/NettySecureServer.java | 14 ++------------
 generic-examples/http/README.md              | 20 ++++++++++++++------
 2 files changed, 16 insertions(+), 18 deletions(-)

diff --git a/generic-examples/http/NettySecureServer.java 
b/generic-examples/http/NettySecureServer.java
index 356cdf5..bcfbdf1 100644
--- a/generic-examples/http/NettySecureServer.java
+++ b/generic-examples/http/NettySecureServer.java
@@ -15,16 +15,6 @@
  * limitations under the License.
  */
 
-// Generate keystore.jks and truststore.jks (for this example, keystore and 
truststore password = changeit):
-//
-// keytool -genkeypair -alias EntryName -keyalg RSA -keysize 2048 -keystore 
keystore.jks
-// keytool -exportcert -alias EntryName -keystore keystore.jks -rfc -file 
public.cert
-// keytool -import -alias EntryName -file public.cert -storetype JKS -keystore 
truststore.jks
-
-// Create the secrets associated with the stores:
-//
-// kubectl create secret generic http-keystore --from-file keystore.jks
-// kubectl create secret generic http-truststore --from-file truststore.jks
 
 import org.apache.camel.builder.RouteBuilder;
 
@@ -40,13 +30,13 @@ public class NettySecureServer extends RouteBuilder {
 
    private void registerSslContextParameter() throws Exception {
       KeyStoreParameters ksp = new KeyStoreParameters();
-      ksp.setResource("/etc/ssl/keystore.jks");
+      ksp.setResource("file:/etc/ssl/keystore.jks");
       ksp.setPassword("changeit");
       KeyManagersParameters kmp = new KeyManagersParameters();
       kmp.setKeyPassword("changeit");
       kmp.setKeyStore(ksp);
       KeyStoreParameters tsp = new KeyStoreParameters();
-      tsp.setResource("/etc/ssl/truststore.jks");
+      tsp.setResource("file:/etc/ssl/truststore.jks");
       tsp.setPassword("changeit");
       TrustManagersParameters tmp = new TrustManagersParameters();
       tmp.setKeyStore(tsp);
diff --git a/generic-examples/http/README.md b/generic-examples/http/README.md
index 639d091..3da5b80 100644
--- a/generic-examples/http/README.md
+++ b/generic-examples/http/README.md
@@ -36,14 +36,24 @@ Alternatively, you could run: `curl 
http://<service-location>/hello`.
 
 ### Run the NettySecureServer
 
-This integration requires a Keystore and a Truststore. Open 
[NettySecureServer.java](./NettySecureServer.java) to find instructions on how 
to generate a required `keystore.jks` and `truststore.jks` file. For this 
example, keystore and truststore password is `changeit`
-
-Run the integration:
-
+This integration requires a Keystore and a Truststore. Open 
[NettySecureServer.java](./NettySecureServer.java) to find instructions on how 
to generate a required `keystore.jks` and `truststore.jks` file. 
+For this example, keystore and truststore password is `changeit`
+
+Generate keystore.jks and truststore.jks (for this example, keystore and 
truststore password = changeit):
+```shell
+keytool -genkeypair -alias EntryName -keyalg RSA -keysize 2048 -keystore 
keystore.jks
+keytool -exportcert -alias EntryName -keystore keystore.jks -rfc -file 
public.cert
+keytool -import -alias EntryName -file public.cert -storetype JKS -keystore 
truststore.jks
 ```
+
+Create the secrets associated with the stores:
+```shell
 kubectl create secret generic http-keystore --from-file keystore.jks
 kubectl create secret generic http-truststore --from-file truststore.jks
+```
 
+Run the integration:
+```shell
 kamel run --dev \
   -t mount.resources=secret:http-keystore/keystore.jks@/etc/ssl/keystore.jks \
   -t 
mount.resources=secret:http-truststore/truststore.jks@/etc/ssl/truststore.jks \
@@ -56,8 +66,6 @@ Get the service location. If you're running on minikube, run 
`minikube service n
 You should see "Hello Secure World" displayed on 
`https://<service-location>/hello`.
 Alternatively, you could run: `curl -vk https://<service-location>/hello`.
 
-**TODO:** [[#98]](https://github.com/apache/camel-k-examples/issues/98) 
NettySecureServer may not be able to access keystore
-
 ### Run the PlatformHttpServer
 
 ```

(camel-k-examples) branch main updated: (#98) NettySecureServer may not be able to access keystore

Reply via email to