[
https://issues.apache.org/jira/browse/CAMEL-15075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17112336#comment-17112336
]
Peter Kullmann commented on CAMEL-15075:
----------------------------------------
I think it's easy to reproduce: Just take the example in the docs:
{code:java}
// Configure the SSLContextParameters object
KeyStoreParameters ksp = new KeyStoreParameters();
ksp.setResource("/path/to/keystore.jks");
ksp.setPassword("changeit");
KeyManagersParameters kmp = new KeyManagersParameters();
kmp.setKeyStore(ksp);
kmp.setKeyPassword("changeit");
SSLContextParameters scp = new SSLContextParameters();
scp.setKeyManagers(kmp);
// Bind this SSLContextParameters into the Camel registry
Registry registry = createCamelRegistry();
registry.bind("ssl", scp);
// Configure the camel context
DefaultCamelContext camelContext = new DefaultCamelContext(registry);
camelContext.addRoutes(new RouteBuilder() {
@Override
public void configure() throws Exception {
from("kafka:" + TOPIC + "?brokers=localhost:{{kafkaPort}}" +
// Setup the topic and broker address
"&groupId=A" +
// The consumer processor group ID
"&sslContextParameters=#ssl" +
// The security protocol
"&securityProtocol=SSL)
// Reference the SSL configuration
.to("mock:result");
}
});
{code}
The /path/to/keystore.jks should point to a classpath resource. Then kafka will
complain:
{code:java}
[main] ERROR org.apache.kafka.common.security.ssl.SslEngineBuilder -
Modification time of key store could not be obtained: blabla
java.nio.file.NoSuchFileException: blabla
at
sun.nio.fs.WindowsException.translateToIOException(WindowsException.java:79)
at
sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:97)
{code}
I tried to produce a small running example but the archetype produces non
compilable code and gave up:
{code:java}
Main main = new Main();
main.addRouteBuilder(new MyRouteBuilder());
main.run(args);
{code}
I think, it would be enough to mention this in the docs.
> camel-kafka - Configuration via SSLContextParameters does not work as expected
> ------------------------------------------------------------------------------
>
> Key: CAMEL-15075
> URL: https://issues.apache.org/jira/browse/CAMEL-15075
> Project: Camel
> Issue Type: Bug
> Components: camel-kafka
> Affects Versions: 3.2.0
> Reporter: Peter Kullmann
> Priority: Major
> Fix For: 3.4.0
>
>
> The ssl parameters in kafka can be set using a camel SSLContextParameter
> object (see CAMEL-10705). But it doesn't work as expected.
> Camel allows many ways to specify a keystore location, ie a file path, a
> class path or an URL of the resource. Camel tries all possible ways to read
> the keystore. (Eg
> SSLContextParameters.getTrustManagers().getKeyStore().getResource()).
> For kafka this resolution doesn't take place. Kafka receives just the raw
> resource string (org.apache.camel.component.kafka.KafkaConfiguration:511):
>
> {code:java}
> addPropertyIfNotNull(props, SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG,
> keyStore.getResource());
> {code}
> Kafka has a different expectation on this location from camel. In particular
> setting the camel keystore resource to a classpath location doesn't work for
> kafka (see also KAFKA-7685 for an attempt to support classpath resources).
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
