This is an automated email from the ASF dual-hosted git repository. davsclaus pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/camel.git
commit af4cb01f87416b26c7e5676c05b2a61c96e64667 Author: Claus Ibsen <[email protected]> AuthorDate: Wed Oct 16 09:24:43 2024 +0200 CAMEL-21128: camel-core - Add trust all certificate for easier TLS/SSL development --- .../java/org/apache/camel/support/jsse/TrustAllTrustManager.java | 6 +++--- core/camel-main/src/main/docs/main.adoc | 2 +- .../src/main/java/org/apache/camel/main/BaseMainSupport.java | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/core/camel-api/src/main/java/org/apache/camel/support/jsse/TrustAllTrustManager.java b/core/camel-api/src/main/java/org/apache/camel/support/jsse/TrustAllTrustManager.java index bdce9ee26d3..677c70a248f 100644 --- a/core/camel-api/src/main/java/org/apache/camel/support/jsse/TrustAllTrustManager.java +++ b/core/camel-api/src/main/java/org/apache/camel/support/jsse/TrustAllTrustManager.java @@ -36,19 +36,19 @@ public class TrustAllTrustManager implements X509TrustManager { private static final Logger LOG = LoggerFactory.getLogger(TrustAllTrustManager.class); - public static TrustAllTrustManager INSTANCE = new TrustAllTrustManager(); + public static final TrustAllTrustManager INSTANCE = new TrustAllTrustManager(); private TrustAllTrustManager() { } @Override public void checkClientTrusted(X509Certificate[] certs, String authType) { - LOG.warn("Trusting client certificate: {}", certs); + LOG.debug("Trusting client certificate: {}", certs); } @Override public void checkServerTrusted(X509Certificate[] certs, String authType) { - LOG.warn("Trusting server certificate: {}", certs); + LOG.debug("Trusting server certificate: {}", certs); } @Override diff --git a/core/camel-main/src/main/docs/main.adoc b/core/camel-main/src/main/docs/main.adoc index 8113596ff97..2b3842148a2 100644 --- a/core/camel-main/src/main/docs/main.adoc +++ b/core/camel-main/src/main/docs/main.adoc @@ -250,7 +250,7 @@ The camel.trace supports 14 options, which are listed below. === Camel SSL configurations -The camel.ssl supports 19 options, which are listed below. +The camel.ssl supports 20 options, which are listed below. [width="100%",cols="2,5,^1,2",options="header"] |=== diff --git a/core/camel-main/src/main/java/org/apache/camel/main/BaseMainSupport.java b/core/camel-main/src/main/java/org/apache/camel/main/BaseMainSupport.java index ad6bd7f5b30..9b196270018 100644 --- a/core/camel-main/src/main/java/org/apache/camel/main/BaseMainSupport.java +++ b/core/camel-main/src/main/java/org/apache/camel/main/BaseMainSupport.java @@ -1721,7 +1721,7 @@ public abstract class BaseMainSupport extends BaseService { tmp = new TrustManagersParameters(); tmp.setCamelContext(camelContext); tmp.setTrustManager(TrustAllTrustManager.INSTANCE); - LOG.warn("Application is vulnerable: Trusting all certificates!"); + LOG.warn("Trust all certifications enabled. Using this in production can expose the application to man-in-the-middle attacks"); } else if (sslConfig.getTrustStore() != null) { KeyStoreParameters tsp = new KeyStoreParameters(); String store = sslConfig.getTrustStore();
