Apache Camel Email IMAP Route Fails To Start Because of MSAL4J AcquireTokenByClientCredentialSupplier Failed

Dipak Rai Thu, 26 Sep 2024 22:13:33 -0700

 Dear Camel Users,

I need your help and advice. Please have a look at the problem context
below. I have posted the same at StackOverflow
*https://stackoverflow.com/questions/79029647/apache-camelemail-msal4j-acquiretokenbyclientcredentialsupplier-failed
<https://stackoverflow.com/questions/79029647/apache-camelemail-msal4j-acquiretokenbyclientcredentialsupplier-failed>.*


I have an Apache Camel+Camel-email+Springboot project. The IMAP route in my
camel-context file fails to start up with error
`org.apache.camel.FailedToStartRouteException: Failed to start route
mail-route-imap because of null`
I added a few *SSL specific parameters* to my `application.properties`
which I need for interaction with my back-end APIs. I wonder why since the
IMAP connection with Exchange server is over an **OAUTH2 Client Secret**. I
wonder why `msal4j` library is looking for an SSL handshake when it is
supposed to use the `myExchangeAuthenticator` that I am passing in the IMAP
url? *Postscript: The IMAP route works fine if I remove the SSL parameters
from my application-context.*

```
ERROR | ForkJoinPool.commonPool-worker-1 |
AuthenticationResultSupplier.java logException:155 | [Correlation ID:
272b48e9-bf32-4244-9b4b-61dd0cda568e] Execution of class
com.microsoft.aad.msal4j.*AcquireTokenByClientCredentialSupplier failed*.
com.microsoft.aad.msal4j.MsalClientException:
javax.net.ssl.SSLHandshakeException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target
        at
com.microsoft.aad.msal4j.HttpHelper.executeHttpRequest(HttpHelper.java:53)
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target

 ERROR | main | SpringApplication.java reportFailure:818 | Application run
failed
org.apache.camel.FailedToStartRouteException: Failed to start route
mail-route-imap because of null
        at
org.apache.camel.impl.engine.RouteService.setUp(RouteService.java:132)
```

**camel-context.xml**

    <route id="mail-route-imap" autoStartup="true">
    <from id="office365" uri="imaps://
outlook.office365.com:993?authenticator=#myExchangeAuthenticator&amp;debugMode=true&amp;mail.imaps.proxy.host={{proxyHost}}&amp;mail.imaps.proxy.port={{proxyPort}}&amp;mail.imaps.auth.mechanisms=XOAUTH2&amp;disconnect=true
<http://outlook.office365.com:993?authenticator=#myExchangeAuthenticator&amp;debugMode=true&amp;mail.imaps.proxy.host=%7B%7BproxyHost%7D%7D&amp;mail.imaps.proxy.port=%7B%7BproxyPort%7D%7D&amp;mail.imaps.auth.mechanisms=XOAUTH2&amp;disconnect=true>"
/>
    <to uri="direct:someProcessChainAhead" />
    </route>

**application.properties**

    # Enabling SSL Bench
    server.http2.enabled=true
    server.ssl.enabled=true
    server.ssl.enabl=TLSv1.2,TLSv1.3
    server.servlet.session.cookie.secure=true
    server.servlet.session.cookie.same-site=strict
    server.ssl.trust-store=/some-path-here/truststore.ks
    server.ssl.key-alias=nfmt
    server.ssl.key-store=/some-path-here/keystore.ks
    server.ssl.client-auth=want

**MainApplication.java**

`//initialized the SSL params in appContext, I need it for backend API calls

public static void main(String[] args) {
MyVaultUtil.initialize();
System.setProperty("javax.net.ssl.trustStore",
"/some-path-here/truststore.ks");
System.setProperty("javax.net.ssl.trustStorePassword",
MyVaultUtil.getInstance()
.getSecret(MyVaultUtil.SecretKeys.truststore_external_password.getKey()));
System.setProperty("javax.net.ssl.trustStoreType",
KeyStore.getDefaultType());
System.setProperty("server.ssl.trust-store-password",
MyVaultUtil.getInstance()
.getSecret(MyVaultUtil.SecretKeys.truststore_external_password.getKey()));
System.setProperty("server.ssl.key-store-password",
MyVaultUtil.getInstance()
.getSecret(MyVaultUtil.SecretKeys.keystore_external_password.getKey()));
MainApplication.run(MainApplication.class, args);
}

@Bean //initializing inside MainApp
MicrosoftExchangeOnlineOAuth2MailAuthenticator exchangeAuthenticator() {
return new MicrosoftExchangeOnlineOAuth2MailAuthenticator(tenantId,
clientId, clientSecret, userName);
}`

The question is available here as a post*
https://stackoverflow.com/questions/79029647/apache-camelemail-msal4j-acquiretokenbyclientcredentialsupplier-failed
<https://stackoverflow.com/questions/79029647/apache-camelemail-msal4j-acquiretokenbyclientcredentialsupplier-failed>*
Regards,
Dipak.

Apache Camel Email IMAP Route Fails To Start Because of MSAL4J AcquireTokenByClientCredentialSupplier Failed

Reply via email to