Bruno Gonçalves created CAMEL-22557:
---------------------------------------
Summary: Server-side DecryptingPrivateKey Conflict: Key from first
route started is enforced for all subsequent routes on the same serverPortNumber
Key: CAMEL-22557
URL: https://issues.apache.org/jira/browse/CAMEL-22557
Project: Camel
Issue Type: Bug
Components: camel-as2
Affects Versions: 4.10.7, 4.10.8
Environment: *Camel Version:* {{4.10.7}}
*JDK Version:* Java 21
Reporter: Bruno Gonçalves
Attachments: inbound-as2-reproducer.tar
When configuring multiple inbound AS2 server routes that share the same
{{serverPortNumber}}, the security configuration from the *first route to
successfully start* is prioritized and enforced across all routes listening on
that port.
Subsequent routes that attempt to specify a different, distinct
{{decryptingPrivateKey}} in their configuration will successfully start and
attach to the existing server instance, but any inbound encrypted traffic
intended for them will fail with a decryption error, as the system is still
using the initial route's private key (my guess).
h4. Test Case Context (Attached Reproducer)
We can confirm this behavior using two corresponding unit tests:
# *loadSingleAS2Server_outboundAs2Encrypted2_OK* *(Successful)*
A test where *only one AS2 server route* is started with a single
{{decryptingPrivateKey}}. An outbound client message encrypted for this key
is successfully decrypted by the server.
# *loadMultipleAS2Server_outboundAs2Encrypted2_throwsException (Failing)*
A test where *two AS2 server routes* are started on the same
{{serverPortNumber}} (Port 9002), each specifying a different
{{decryptingPrivateKey}}. The same outbound client message as before,
targeting the second route's URI, fails, throwing the following exception:
*org.apache.camel.component.as2.api.exception.AS2DecryptionException: Failed to decrypt data*
NOTE: both tests are green (I'm not really testing the MDN responses); please
check the logs.