[
https://issues.apache.org/jira/browse/CAMEL-22557?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18034376#comment-18034376
]
Claus Ibsen commented on CAMEL-22557:
-------------------------------------
Yes we will backport but we want some feedback first before doing so. End users
today that use camel-as2 should not be affected.
And 4.10.8 would be the very last patch release so if anything is broken etc
then we have extra trouble to fix that. So its often better to introduce
changes only forward.
> camel-as2 - Server-side DecryptingPrivateKey Conflict: Key from first route
> started is enforced for all subsequent routes on the same serverPortNumber
> ------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: CAMEL-22557
> URL: https://issues.apache.org/jira/browse/CAMEL-22557
> Project: Camel
> Issue Type: Bug
> Components: camel-as2
> Affects Versions: 4.10.7, 4.14.1
> Environment: *Camel Version:* {{4.10.7}}
> *JDK Version:* Java 21
> Reporter: Bruno Gonçalves
> Priority: Major
> Fix For: 4.16.0
>
> Attachments: inbound-as2-reproducer.tar
>
>
> When configuring multiple inbound AS2 server routes that share the same
> {{{}serverPortNumber{}}}, the security configuration from the *first route to
> successfully start* is prioritized and enforced across all routes listening
> on that port.
> Subsequent routes that attempt to specify a different, distinct
> {{decryptingPrivateKey}} in their configuration will successfully start and
> attach to the existing server instance, but any inbound encrypted traffic
> intended for them will fail with a decryption error, as the system is still
> using the initial route's private key (my guess).
> h4. Test Case Context (Attached Reproducer)
> We can check this behavior by the following unit tests:
> # *loadSingleAS2Server_outboundAs2Encrypted2_OK* *(Successful)*
> A test where *only one AS2 server route* is started with a single
> {{{}decryptingPrivateKey{}}}. An outbound client message encrypted for this
> key is successfully decrypted by the server.
> # *loadMultipleAS2Server_outboundAs2Encrypted2_throwsException (Failing)*
> A test where *two AS2 server routes* are started on the same
> {{serverPortNumber}} (Port 9002), each specifying a different
> {{{}decryptingPrivateKey{}}}. The same outbound client message as before,
> targeting the second route's URI fails, throwing the following exception:
> *org.apache.camel.component.as2.api.exception.AS2DecryptionException: Failed
> to decrypt data*
> NOTE: both tests are green (I'm not really testing the MDN responses), please
> check the logs
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
