Tapio Piironen created CAMEL-19022:
--------------------------------------

             Summary: Camel-blueprint sslContextParameters and camel-ldap and 
camel-http(s) - no custom trust is loaded
                 Key: CAMEL-19022
                 URL: https://issues.apache.org/jira/browse/CAMEL-19022
             Project: Camel
          Issue Type: Bug
          Components: camel-blueprint, camel-http, camel-ldap
    Affects Versions: 3.20.2, 3.20.1, 3.20.0
         Environment: Camel 3.20.2, Karaf 4.4.3, OpenJDK 17, RedHat Linux 9
            Reporter: Tapio Piironen
            Assignee: Grzegorz Grzybek


1) camel-ldap problem:

In blueprint-style Camel config, trust is not loaded after Camel 3.20. 3.18.5 
still loads custom trust.

Followed instructions in 
[https://camel.apache.org/components/3.20.x/ldap-component.html]

The blueprint that fails to load trust is the following:

<sslContextParameters xmlns="http://camel.apache.org/schema/blueprint"
                      id="sslContextParameters">
    <keyManagers keyPassword="{{keystore.pwd}}">
        <keyStore resource="{{keystore.url}}" password="{{keystore.pwd}}"/>
    </keyManagers>
</sslContextParameters>
<bean id="customSocketFactory" class="zotix.co.util.CustomSocketFactory">
    <argument ref="sslContextParameters"/>
</bean>

CustomSocketFactory is the same as in the ldap-component documentation. The 
documentation loads keyManager as trustManager (which might be better fixed in 
the documentation, but anyway).

2) The camel-http(s) problem is about client certificate insertion. There, 
sslContextParameters are included in sslcontextparams and camel-https call like:

    <sslContextParameters
            id="sslContextParameters">
        <keyManagers
                keyPassword="{{pwd}}">
            <keyStore
                    resource="{{jks.location}}"
                    password="{{password}}"/>
        </keyManagers>
        <serverParameters
                clientAuthentication="WANT"/>
        <clientParameters>
            <cipherSuitesFilter>
                <camel:include>.*</camel:include>
            </cipherSuitesFilter>
        </clientParameters>
    </sslContextParameters>

and the final call via:

<to uri="https://{{server}}?httpClient.connectionRequestTimeout=10000&amp;httpClient.socketTimeout=30000&amp;sslContextParameters=#sslContextParameters"/>

In this case we get a denial from the server as handshake_failure.

Has the configuration changed in 3.20, or is this a bug?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
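
Added example, not part of the original report and not the Camel project's own configuration: a Blueprint sslContextParameters that declares trust material explicitly in a trustManagers element instead of relying on the key store doubling as the trust store. The truststore.url and truststore.pwd property names are assumed placeholders, and the report does not establish whether this form is affected by the behaviour described above.

```xml
<!-- Added example. {{truststore.url}} and {{truststore.pwd}} are assumed
     property names; the keystore.* names are the ones used in the report. -->
<sslContextParameters xmlns="http://camel.apache.org/schema/blueprint"
                      id="sslContextParameters">

    <!-- Key material: the private key and certificate chain this side
         presents to the peer (for HTTPS, the client certificate sent
         when the server requests one). -->
    <keyManagers keyPassword="{{keystore.pwd}}">
        <keyStore resource="{{keystore.url}}" password="{{keystore.pwd}}"/>
    </keyManagers>

    <!-- Trust material: the CA or server certificates this side accepts
         when validating the peer's certificate chain. Kept in a separate
         store so that private keys and trust anchors are managed apart. -->
    <trustManagers>
        <keyStore resource="{{truststore.url}}" password="{{truststore.pwd}}"/>
    </trustManagers>

</sslContextParameters>
```

When no trustManagers element is present, the SSLContext built from these parameters is initialised without custom trust managers and JSSE falls back to the JVM default trust store, so a privately issued server certificate is not trusted unless other code supplies the trust managers.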
