OK, forgot to post that I found solution to my problem, it is based on some
of postings I've found but unfortunately I don't remember which one.
Still, I had to modify it to get it to work for me so here is how I did it,
in case someone else runs into the same problem:
(javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated)
>
> In the Spring applicationContext.xml:
<bean id="myHttpClientConfigurerTrustAllCACerts"
class="packagename.HttpClientConfigurerTrustAllCACerts" />
And in my route:
https4:
example.org/webservice?httpClientConfigurer=myHttpClientConfigurerTrustAllCACerts
My httpClientConfigurer (excluding package declaration)
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.camel.component.http4.HttpClientConfigurer;
import org.apache.camel.component.http4.HttpComponent;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.log4j.Logger;
public class HttpClientConfigurerTrustAllCACerts implements
HttpClientConfigurer {
private final static Logger logger = Logger
.getLogger(HttpClientConfigurerTrustAllCACerts.class);
HttpComponent httpComponent;
public HttpClientConfigurerTrustAllCACerts() {
}
public void configureHttpClient(org.apache.http.client.HttpClient
client) {
X509TrustManager tm = new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers()
{
return null;
}
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] arg0, String arg1)
throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] arg0, String arg1)
throws java.security.cert.CertificateException {
}
};
try {
SSLContext ctx = SSLContext.getInstance("SSL");
ctx.init(null, new TrustManager[] { tm }, null);
SSLSocketFactory ssf = new SSLSocketFactory(ctx,
SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
ClientConnectionManager ccm = client.getConnectionManager();
SchemeRegistry sr = ccm.getSchemeRegistry();
sr.register(new Scheme("https4", 443, ssf));
} catch (NoSuchAlgorithmException e) {
logger.error(e);
} catch (KeyManagementException e) {
logger.error(e);
}
}
}
2011/6/22 Magnus Palmér <[email protected]>
> Hi,
>
> I was just about to ask a similiar question after being up all night trying
> to get my https4 URI to work.
>
> I get this:
>
>> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
>>
>
> There are several posts to be found via Google, some specific for Camel,
> and I've tried several others but must be missing something.
> Can't find a complete working example for self signed certificates though.
> I am at a loss right now after trying out a lot of different approaches.
> If anyone could point me in the right direction so I can get a fresh start
> again I will be most thankful.
> (Using Camel 2.7.2)
>
> Kind regards, Magnus Palmér
>
> P.S. Yes, I've seen this:
> http://camel.465427.n5.nabble.com/Using-HTTPS-in-camel-http-when-remote-side-has-self-signed-cert-td473876.html
> I've also read the http://camel.apache.org/http4.html
> Tried to make something out of the test sourcecode for http4 but so far
> failed.
> Also read this:
> http://stackoverflow.com/questions/5706166/apache-camel-http-and-ssl
>
>
> 2011/6/22 ychawla <[email protected]>
>
>> Does the server require a client certificate? If so, you need to get the
>> Certificate Authority to provide you one.
>>
>> If the server just has an SSL Server certificate that is not in your
>> truststore, you can use HTTP conduit to configure your truststore to
>> accept
>> the certificate or add the certificate to your default truststore.
>>
>> More info on CXF and HTTP Conduit here:
>>
>>
>> http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
>>
>> --
>> View this message in context:
>> http://camel.465427.n5.nabble.com/Disable-CertificateValidation-when-Routing-to-HTTPS-endpoint-tp4431968p4512855.html
>> Sent from the Camel - Users mailing list archive at Nabble.com.
>>
>
>
>
> --
> --
> Brgds, Magnus Palmér
> +46736845680
>
>
