[PR] CAMEL-21667: camel-http-starter - Add Spring Boot SSL Bundle support with hot-reload [camel-spring-boot]

Thu, 22 Jan 2026 17:53:30 -0800 


rabitem opened a new pull request, #1627:
URL: https://github.com/apache/camel-spring-boot/pull/1627

   ## CAMEL-21667: camel-http-starter - Add Spring Boot SSL Bundle support with 
hot-reload
   
   ### Description
   
   Adds integration with Spring Boot SSL Bundles for the Camel HTTP component, 
enabling centralized SSL configuration and optional certificate hot-reload 
without application restart.
   
   ### Motivation
   
   Spring Boot 3.1+ introduced SSL Bundles as a unified way to configure SSL 
trust material. Spring Boot 3.2+ added hot-reload capability. This PR bridges 
Spring Boot SSL Bundles to Camel's HTTP component (which uses Apache 
HttpClient5).
   
   ### Changes
   
   | File | Description |
   |------|-------------|
   | `HttpComponentSslBundleAutoConfiguration.java` | Auto-configuration for 
SSL bundle integration |
   | `HttpComponentSslBundleConfigurationProperties.java` | Configuration 
properties class |
   | `additional-spring-configuration-metadata.json` | IDE autocomplete support 
|
   | `HttpComponentSslBundleAutoConfigurationTest.java` | Tests for hot-reload 
enabled (8 tests) |
   | `HttpComponentSslBundleHotReloadDisabledTest.java` | Tests for default 
behavior (2 tests) |
   | `HttpComponentSslBundleEdgeCasesTest.java` | Edge cases and negative 
scenarios (7 tests) |
   | `AutoConfiguration.imports` | Register new auto-configuration |
   
   ### Configuration
   
   ```yaml
   spring:
     ssl:
       bundle:
         pem:
           my-client-bundle:
             reload-on-update: true
             truststore:
               certificate: file:certs/ca.crt
   
   camel:
     component:
       http:
         ssl-bundle: my-client-bundle
         ssl-bundle-hot-reload: true  # opt-in, default is false
   ```
   
   ### Properties
   
   | Property | Type | Default | Description |
   |----------|------|---------|-------------|
   | `camel.component.http.ssl-bundle` | String | - | Name of the Spring Boot 
SSL bundle to use |
   | `camel.component.http.ssl-bundle-hot-reload` | Boolean | `false` | Enable 
hot-reload of SSL certificates (opt-in) |
   
   ### Features
   
   - Configures both `http` and `https` Camel components with SSL bundle
   - Optional hot-reload: registers bundle update handler for automatic 
certificate rotation
   - Closes and recreates connection manager when certificates change
   - Only activates when `camel.component.http.ssl-bundle` property is set
   
   ### Testing
   
   **Unit tests (17 total):**
   
   | Category | Tests | Coverage |
   |----------|-------|----------|
   | Hot-reload enabled | 8 | SSL applied, connection manager recreation, 
HTTPS, SSLContext creation |
   | Hot-reload disabled | 2 | Default behavior verification |
   | Edge cases | 7 | Missing property, invalid bundle, close exceptions, 
protocol variants |
   
   **Negative scenarios tested:**
   - Missing `ssl-bundle` property → auto-configuration not activated
   - Invalid bundle name → `NoSuchSslBundleException`
   - Connection manager close failure → error logged, operation continues
   
   **Load test:**
   - 500 TPS sustained load
   - 10 certificate rotations
   - 27,000+ requests, 0 errors
   
   ### References
   
   - [CAMEL-21667](https://issues.apache.org/jira/browse/CAMEL-21667)
   - [Spring Boot SSL 
Documentation](https://docs.spring.io/spring-boot/reference/features/ssl.html)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to