[ 
https://issues.apache.org/jira/browse/CAMEL-12719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16576015#comment-16576015
 ] 

Florian B. edited comment on CAMEL-12719 at 8/10/18 9:32 AM:
-------------------------------------------------------------

Hi,

Does your "SSL-based component" refer to 'camel:keyManagers' ?

Because I think it is this component which can refer only 1 key in a Keystore. 
(I currently use this component too in a <http:conduit with 
http:tlsClientParameters where I need to refer a keyStore with keys (currently 
1 because it does not work with many keys)

If I may add some whish, it would be
 * Possibility to create a camel:keyManagers as a camel:trustManagers
 * Add an optional alias management in the camel:keyManagers
 * Add an optional alias in the endPoint ?

May I add some draft in attachment ?

 

Thanks a lot

 

 

 

 


was (Author: boosy):
Hi,

Does your "SSL-based component" refer to 'camel:keyManagers' ?

Because I think it is this component which can refer only 1 key in a Keystore.

If I may add some which, it would be
 * Possibility to create a camel:keyManagers as a camel:trustManagers
 * Add an optional alias management in the camel:keyManagers
 * Add an optional alias in the endPoint ?

May I add some draft in attachment ?

 

Thanks a lot

 

 

 

 

> Ability to load an SSLContextParameter with a Keystore containing multiple 
> keys (aliases)
> -----------------------------------------------------------------------------------------
>
>                 Key: CAMEL-12719
>                 URL: https://issues.apache.org/jira/browse/CAMEL-12719
>             Project: Camel
>          Issue Type: Improvement
>          Components: camel-core
>    Affects Versions: 2.22.0
>         Environment: Apache Tomcat 7, Camel 2.22.0, java 8, redHat 6.6
> 1 TrustStore.jks (12 certificats CA => 12 alias)
> 1 Keystore.jsk (5 clés => 5 alias => 5 passwords différents)
> > 200 camelRoutes (file, soap, rest) secure, non-secure
>            Reporter: Florian B.
>            Priority: Major
>              Labels: features
>             Fix For: 2.23.0
>
>
> Hello,
> I wish I could initialize a single SSLContextParameters at camel startup 
> containing my truststore.jks (> 1 alias) and my keystore.jks (> 1 alias) in 
> order to call it (refer to) in Routes (FTPs, HTTPs) without have to redefine 
> a new SSLContextParameter for each EndPoint.
> _<camel:sslContextParameters id="sslIContextParameters">_
>  _<camel:trustManagers>_
>  _<camel:keyStore password="${truststore.jks.file.password}"_
>  _resource="${truststore.jks.file.location}" />_
>  _</camel:trustManagers>_
>  _<camel:keyManagers >_
>  _<camel:keyStore password="${keystore.jks.file.password}"_
>  _resource="${keystore.jks.file.location}" />_
>  _</camel:keyManagers>_
>  _</camel:sslContextParameters>_
> When my Keystore contains more than 1 alias, I have the following error when 
> creating the Route at startup : 
> *Caused by: org.apache.camel.ResolveEndpointFailedException: Failed to 
> resolve endpoint: 
> https4://<host>:<port>/<address>?authPassword=RAW(password)&authUsername=login&authenticationPreemptive=true&bridgeEndpoint=true&sslContextParameters=sslContextParameters&throwExceptionOnFailure=true
>  due to: Cannot recover key*
> due to
> *Caused by: java.security.UnrecoverableKeyException: Cannot recover key*
>  
> When my keystore contains only one key, it works very well.
> _<camel:sslContextParameters id="sslIContextParameters">_
>  _<camel:trustManagers>_
>  _<camel:keyStore password="${truststore.jks.file.password}"_
>  _resource="${truststore.jks.file.location}" />_
>  _</camel:trustManagers>_
>  _<camel:keyManagers keyPassword="keyPassword">_
>  _<camel:keyStore password="${keystore.jks.file.password}"_
>  _resource="${keystore.jks.file.location}" />_
>  _</camel:keyManagers>_
>  _</camel:sslContextParameters>_
>  
> So I would like to be able to call my SSLContextParameter for different 
> EndPoint by specifying (if necessary) the alias of the Keystore needed (by 
> specifying the alias and / or password of the key)
>  
> Objectif in my project :
>  * 1 TrustStore.jks 
>  * 1 Keystore.jsk
>  * 1 unique SSLContextParameter
>  * > 200 camelRoutes FTPs/HTTPs (ssl one way ou two way)
>  
> Thank a lot
>  
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to