--
You received this message because you are subscribed to the Google Groups "ipf-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ipf-user+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Hi Alexandar,
Well that’s the way how would I do that…
In spring-boot normally you have the main Application-Class where you can tell which spring-context files are used:
@SpringBootApplication
@ImportResource({"classpath:/application-context.xml", "classpath:/cxf-conduit-context.xml", "classpath:/mllp-ssl-context.xml"})
public class Application extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}
Your e.g. "cxf-conduit-context.xml" defines CXF-Client-Conduit configuration where you can define TLS keystore/truststore usage like described on that page you’ve shared:
….
<http:conduit name="*.http-conduit">
...
<!-- TLS configuration -->
<http:tlsClientParameters disableCNCheck="true">
<sec:keyManagers keyPassword="changeit">
<sec:keyStore type="JKS" password="changeit" file="xds-keystore.jks" />
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="JKS" password="changeit" file="xds-keystore.jks" />
</sec:trustManagers
….
and then it should be automatically picked up by the client when using the "secure=true" option like shown below:
...
.to("xds-iti18://localhost:8181/xds-iti18-service?secure=true")
For MLLP based Endpoints you need to define another SSLContext in e.g. "mllp-ssl-context.xml"
…
<bean id="sslContext" class="javax.net.ssl.SSLContext"
factory-bean="sslContextFactory"
factory-method="newInstance" />
<bean id="sslContextFactory" class="org.apache.mina.filter.ssl.SslContextFactory">
<property name="keyManagerFactoryAlgorithm" value="SunX509"/>
<property name="keyManagerFactoryKeyStore" ref="keyStore"/>
<property name="keyManagerFactoryKeyStorePassword" value="changeit"/>
<property name="trustManagerFactoryAlgorithmUseDefault" value="true"/>
<property name="trustManagerFactoryKeyStore" ref="keyStore"/>
</bean>
<bean id="keyStoreFactory" class="org.apache.mina.filter.ssl.KeyStoreFactory">
<property name="dataUrl" value="iti8/keystore.jks"/>
<property name="password" value="changeit"/>
</bean>
<bean id="keyStore" class="java.security.KeyStore"
factory-bean="keyStoreFactory"
factory-method="newInstance" />
...
and important to reference this sslContext in your Endpoint-URI:
...
.to("pdq-iti8://localhost:5656?secure=true&sslContext=#sslContext”)
That's it, hope it works,
best regards,
Boris