Setting SSLContextParameter from Code

[cobo lus]

Hi !

how can I set aSSLContextParameter object from the java code as I somehow try to add it to the registry but it is not used afterwards by the ITI components.

If I specify it using the javax.ssl.net parameters my trusstore is picked up.

I'm using IPF 4.7.0

thx for your help

[Dmytro Rud]

Hi !

Do you explicitly reference the newly created bean in the endpoint URI parameter sslContextParameters?  Could you show some code?  

Best regards

Dmytro

--
You received this message because you are subscribed to the Google Groups "ipf-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ipf-user+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ipf-user/96ae306b-f51b-4ccf-9b5d-51380e9b5263n%40googlegroups.com.

[cobo lus]

Hi !

yes I tried to reference it with the URI parameter.

Here the way how I try to setup the SSL Context Parameter:

private void createSSLContextParameters() throws Exception {
if(sslConfig.isEnabled())
{
SSLContextParameters sslContextParameters = new SSLContextParameters();
if(!StringUtilities.isEmpty(sslConfig.getKeystore())) {
KeyStoreParameters ksp = new KeyStoreParameters();
ksp.setResource(sslConfig.getKeystore());
ksp.setPassword(sslConfig.getKeystorePassword());

KeyManagersParameters kmp = new KeyManagersParameters();
kmp.setKeyStore(ksp);
kmp.setKeyPassword(sslConfig.getKeyPassword());
sslContextParameters.setKeyManagers(kmp);
}
if(!StringUtilities.isEmpty(sslConfig.getTruststore())) {
KeyStoreParameters tsp = new KeyStoreParameters();
tsp.setResource(sslConfig.getTruststore());
tsp.setPassword(sslConfig.getTruststorePassword());

TrustManagersParameters tmp = new TrustManagersParameters();
tmp.setKeyStore(tsp);
sslContextParameters.setTrustManagers(tmp);
}

 DefaultRegistry registry = (DefaultRegistry) camelContext.getRegistry();
registry.bind(sslConfig.getName(), sslContextParameters);
((org.apache.camel.impl.DefaultCamelContext) camelContext).setRegistry(registry);


Map<String,SSLContextParameters> sslContextParameterMap = camelContext.getRegistry().findByTypeWithName(SSLContextParameters.class);

for(String s : sslContextParameterMap.keySet())
{
log.info("SSL Contexts: " + s);
}
}
}

This method is called when I build my Camel Route before I setup any other thing.

The log also prints my SSL Context Parameter bean but when I reference it afterwards for the ITI transaction I get some very strange SSL Error:

Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

When I change to javax.ssl.net it for some unknown reason works.

[Dmytro Rud]

JVM variables expect file paths, SSLContextParameters expect resource paths.  Would it help to add the prefix "file:" to sslConfig.getKeystore() and sslConfig.getTruststore()?  Otherwise everything seems Ok.

Best regards

Dmytro

To view this discussion on the web visit https://groups.google.com/d/msgid/ipf-user/5646c84c-d84d-4abb-a776-6fb9b0bd859dn%40googlegroups.com.

[cobo lus]

Hi !

thanks for the help - the file: fixed it :)

much appreciated !