Camel 2.13.1 HTTP4 HttpClientConfigurer for self signed certificates

[andyredhead]

Hi,

apologies if this has already been asked (and answered before).

I'm trying to set up an HTTP4 endpoint that communicates with a remote
server that has a self signed SSL certificate.

Long term we will figure out a sensible way to manage the certificates.

In the short term I just want to get the communication working... which
means I'd like to set up the HTTP4 end point to accept the self signed
certificate.

Reading around, it looks like the general solution is to create an
HttpClientConfigurer, register it as a bean in the XML config and reference
it from the endpoint URL.

There are plenty of examples for older versions of the Camel API, where the
method to implement in the HttpClientConfigurer is:

    public void configureHttpClient(org.apache.http.client.HttpClient
client)

However, in Camel 2.13.x the signature appears to be:

    public void configureHttpClient(HttpClientBuilder clientBuilder)

Regardless of how I implement that method, I end up with the familiar
exception:

    Caused by: sun.security.validator.ValidatorException: PKIX path building
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target

Does anyone have an example of how to implement an HttpClientConfigurer for
Camel 2.13.x such that the HTTP4 end point will accept self signed
certificates (or suggest a better way of achieving the goal)?

My current effort looks like:

public void configureHttpClient(HttpClientBuilder clientBuilder) {
  SSLContextBuilder builder = new SSLContextBuilder();
  try {
    builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
    SSLContext sslcontext = builder.build();
    clientBuilder.setSslcontext(sslcontext);

    SSLConnectionSocketFactory sslsf = new
SSLConnectionSocketFactory(sslcontext,          
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    clientBuilder.setSSLSocketFactory(sslsf);
    clientBuilder.setHostnameVerifier(
        SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

  } catch (KeyStoreException e) {
    logger.warn("configureHttpClient - problem creating self signed trust",
e);
  }
}

Thanks, Andy



--
View this message in context: 
http://camel.465427.n5.nabble.com/Camel-2-13-1-HTTP4-HttpClientConfigurer-for-self-signed-certificates-tp5755062.html
Sent from the Camel - Users mailing list archive at Nabble.com.