I am trying to communicate with a server that has a self-signed SSL certificate.
My route configuration:
.setHeader(Exchange.HTTP_METHOD, constant("GET"))
.to("https4://192.168.3.15:3000/getFile")
.marshal(xmlJsonFormat)
.process("camelProcessor")
.to("mongodb:mongoBean?database=eicas&collection=sales&operation=insert")
.to("log:Ok:Se guardo un registro Venta fija")
.doCatch(IllegalArgumentException.class)
.to("log:org.apache.camel.example?level=DEBUG")
.to("log:error?showCaughtException=true&showStackTrace=true");
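I don't know how to set up the self-signed SSL certificate. Any ideas?
Posted on 2018-05-29 15:21:09
See the "Setting up SSL for HTTP Client" section at http://camel.apache.org/http4.html.
I implemented this using the XML DSL, as follows: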
<sslContextParameters id="sslContext" xmlns="http://camel.apache.org/schema/blueprint">
    <trustManagers>
        <keyStore resource="your-certificate"/>
    </trustManagers>
</sslContextParameters>
<bean id="http-ssl" class="org.apache.camel.component.http4.HttpComponent">
    <property name="sslContextParameters" ref="sslContext"/>
</bean>
<route>
    ...
    <to uri="http-ssl://192.168.3.15:3000/getFile"/>
    ..
</route>
Posted on 2018-06-02 02:56:51
Try this:
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
import org.apache.camel.CamelContext;
import org.apache.camel.Endpoint;
import org.apache.camel.component.http4.HttpComponent;
import org.apache.camel.util.jsse.SSLContextParameters;
import org.apache.camel.util.jsse.TrustManagersParameters;
import org.apache.http.conn.ssl.NoopHostnameVerifier;

// Trust manager that accepts every certificate chain without validating it
private static class InsecureX509TrustManager extends X509ExtendedTrustManager {
    @Override
    public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {
        //Do nothing
    }
    @Override
    public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {
        //Do nothing
    }
    @Override
    public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {
        //Do nothing
    }
    @Override
    public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {
        //Do nothing
    }
    @Override
    public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
        //Do nothing
    }
    @Override
    public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
        //Do nothing
    }
    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}

private Endpoint setupSSLConext(CamelContext camelContext) throws Exception {
    String[] methodValidator = ReaderXmlVenta.URL_VENTA_FIJA.split(":");
    if (methodValidator[0].compareTo("https4") == 0) {
        HttpComponent httpComponent = camelContext.getComponent("https4", HttpComponent.class);
        httpComponent.setX509HostnameVerifier(NoopHostnameVerifier.INSTANCE);
        // Install the trust-all manager on the component's SSL context
        TrustManagersParameters trustManagersParameters = new TrustManagersParameters();
        X509ExtendedTrustManager extendedTrustManager = new InsecureX509TrustManager();
        trustManagersParameters.setTrustManager(extendedTrustManager);
        SSLContextParameters sslContextParameters = new SSLContextParameters();
        sslContextParameters.setTrustManagers(trustManagersParameters);
        httpComponent.setSslContextParameters(sslContextParameters);
        //This is important to make your cert skip CN/Hostname checks
        httpComponent.setX509HostnameVerifier((s, sslSession) -> {
            //I don't mind just return true for all or you can add your own logic
            logger.info(s + sslSession);
            return true;
        });
        return httpComponent.createEndpoint(FileUtilsVenta.setDatesQueryAternity("https4://192.168.3.15:3000/getFile"));
    } else {
        HttpComponent httpComponent = camelContext.getComponent("http4", HttpComponent.class);
        return httpComponent.createEndpoint("https4://192.168.3.15:3000/getFile");
    }
}
And call setupSSLConext like this:
.setHeader(Exchange.HTTP_METHOD, constant("GET"))
.to(setupSSLConext(getCamelContext()))
.marshal(xmlJsonFormat)
.process("camelProcessor")
.to("mongodb:mongoBean?database=eicas&collection=sales&operation=insert")
.to("log:Ok:Se guardo un registro Venta fija")
.doCatch(IllegalArgumentException.class)
.to("log:org.apache.camel.example?level=DEBUG")
.to("log:error?showCaughtException=true&showStackTrace=true");
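For comparison with the trust-all manager in the answer above, this added example (not part of any answer on this page) builds the trust manager from the server's own exported certificate and leaves hostname verification at its default. The class name, the `server.crt` path, the timer trigger and the log endpoint are assumptions.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.camel.Exchange;
import org.apache.camel.builder.RouteBuilder;
import org.apache.camel.component.http4.HttpComponent;
import org.apache.camel.util.jsse.SSLContextParameters;
import org.apache.camel.util.jsse.TrustManagersParameters;

public class PinnedCertRoute extends RouteBuilder { // hypothetical class name

    // Builds a trust manager that accepts only chains anchored at the given certificate.
    static TrustManager trustOnly(String pemPath) throws Exception {
        X509Certificate cert;
        try (InputStream in = Files.newInputStream(Paths.get(pemPath))) {
            cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        store.load(null, null);                     // empty in-memory store
        store.setCertificateEntry("server", cert);  // the single trusted entry
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(store);
        return tmf.getTrustManagers()[0];
    }

    @Override
    public void configure() throws Exception {
        TrustManagersParameters trustManagers = new TrustManagersParameters();
        trustManagers.setTrustManager(trustOnly("server.crt")); // assumed path to the exported certificate

        SSLContextParameters sslContextParameters = new SSLContextParameters();
        sslContextParameters.setTrustManagers(trustManagers);

        // No setX509HostnameVerifier call: default hostname verification stays enabled,
        // so the certificate needs 192.168.3.15 as an IP subjectAltName.
        HttpComponent https = getContext().getComponent("https4", HttpComponent.class);
        https.setSslContextParameters(sslContextParameters);

        from("timer:fetch?period=60000") // assumed trigger; the question does not show its from()
            .setHeader(Exchange.HTTP_METHOD, constant("GET"))
            .to("https4://192.168.3.15:3000/getFile")
            .to("log:fetched"); // assumed log endpoint
    }
}
```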
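Posted on 2019-02-11 07:38:37
Trying the above, I got: "PKIX path building failed: unable to find valid certification path to requested target", and this proposed solution does not allow me to configure each session dynamically.
I eventually found a solution for fully dynamic (per HTTP session) SSL configuration and documented it at Apache camel SSL connection to restful service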
https://stackoverflow.com/questions/50567191