SSL self-signed Apache Camel https4

Time: 2018-05-28 13:05:13

Tags: ssl https apache-camel self-signed

I am trying to communicate with a server that has a self-signed SSL certificate.

My route configuration:

.setHeader(Exchange.HTTP_METHOD, constant("GET"))
                .to("https4://192.168.3.15:3000/getFile")
                .marshal(xmlJsonFormat)
                .process("camelProcessor")
                .to("mongodb:mongoBean?database=eicas&collection=sales&operation=insert")
                .to("log:Ok:Se guardo un registro Venta fija")
                .doCatch(IllegalArgumentException.class)
                .to("log:org.apache.camel.example?level=DEBUG")
                .to("log:error?showCaughtException=true&showStackTrace=true");

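And I don't know how to set up the self-signed SSL. Any ideas?

3 answers:

Answer 0: (score: 3)

See the "Setting up SSL for HTTP Client" section of http://camel.apache.org/http4.html

I implemented it with the XML DSL as follows: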

(\*[0-9]+#|\*[0-9]+(?= )|\+[0-9]+|(?:http:|https:)[a-zA-Z0-9!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+)

Answer 1: (score: 0)

Try this:

private static class InsecureX509TrustManager extends X509ExtendedTrustManager {
        @Override
        public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {
            //Do nothing

        }

        @Override
        public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {
            //Do nothing

        }

        @Override
        public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {
            //Do nothing

        }

        @Override
        public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {
            //Do nothing

        }

        @Override
        public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
            //Do nothing

        }

        @Override
        public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
            //Do nothing

        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
}

private Endpoint setupSSLConext(CamelContext camelContext) throws Exception {
        String[] methodValidator = ReaderXmlVenta.URL_VENTA_FIJA.split(":");
        if(methodValidator[0].compareTo("https4") == 0) {
            HttpComponent httpComponent = camelContext.getComponent("https4", HttpComponent.class);

            httpComponent.setX509HostnameVerifier(NoopHostnameVerifier.INSTANCE);

            TrustManagersParameters trustManagersParameters = new TrustManagersParameters();
            X509ExtendedTrustManager extendedTrustManager = new InsecureX509TrustManager();
            trustManagersParameters.setTrustManager(extendedTrustManager);

            SSLContextParameters sslContextParameters = new SSLContextParameters();
            sslContextParameters.setTrustManagers(trustManagersParameters);
            httpComponent.setSslContextParameters(sslContextParameters);

            //This is important to make your cert skip CN/Hostname checks
            httpComponent.setX509HostnameVerifier((s, sslSession) -> {
                //I don't mind just return true for all or you can add your own logic
                logger.info(s + sslSession);
                return true;
            });

            return httpComponent.createEndpoint( FileUtilsVenta.setDatesQueryAternity("https4://192.168.3.15:3000/getFile"));
        }else{
            HttpComponent httpComponent = camelContext.getComponent("http4", HttpComponent.class);
            return httpComponent.createEndpoint("https4://192.168.3.15:3000/getFile");
        }

    }

And call setupSSLConext like this:

.setHeader(Exchange.HTTP_METHOD, constant("GET"))
                .to(setupSSLConext(getCamelContext()))
                .marshal(xmlJsonFormat)
                .process("camelProcessor")
                .to("mongodb:mongoBean?database=eicas&collection=sales&operation=insert")
                .to("log:Ok:Se guardo un registro Venta fija")
                .doCatch(IllegalArgumentException.class)
                .to("log:org.apache.camel.example?level=DEBUG")
                .to("log:error?showCaughtException=true&showStackTrace=true");
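
For comparison with the trust-all manager in the answer above, an added example (not part of any answer on this page) that trusts only the server's self-signed certificate through the SSLContextParameters mechanism of the http4 component, and leaves hostname verification on. The class name, truststore path and password handling are assumptions; package names are those of Camel 2.x.

```java
import org.apache.camel.CamelContext;
import org.apache.camel.Endpoint;
import org.apache.camel.component.http4.HttpComponent;
import org.apache.camel.util.jsse.KeyStoreParameters;
import org.apache.camel.util.jsse.SSLContextParameters;
import org.apache.camel.util.jsse.TrustManagersParameters;

// Added example, not code from the page. Assumptions: Camel 2.x package names,
// and a truststore that holds only the server's self-signed certificate, e.g.
//   keytool -importcert -alias getfile-server -file server.crt \
//           -keystore /etc/myapp/truststore.jks
public final class PinnedSelfSignedHttps {

    // Hypothetical location; the password should come from configuration.
    private static final String TRUSTSTORE = "/etc/myapp/truststore.jks";

    public static Endpoint pinnedEndpoint(CamelContext ctx, String url, String password)
            throws Exception {
        if (!url.startsWith("https4:")) {
            // Fail closed instead of silently falling back to plain HTTP.
            throw new IllegalArgumentException("expected an https4 URL: " + url);
        }

        KeyStoreParameters trustStore = new KeyStoreParameters();
        trustStore.setResource(TRUSTSTORE);
        trustStore.setPassword(password);

        // Only certificates present in this store are accepted as trust anchors,
        // so any other certificate still fails with the PKIX error.
        TrustManagersParameters trustManagers = new TrustManagersParameters();
        trustManagers.setKeyStore(trustStore);

        SSLContextParameters ssl = new SSLContextParameters();
        ssl.setTrustManagers(trustManagers);

        HttpComponent https = ctx.getComponent("https4", HttpComponent.class);
        https.setSslContextParameters(ssl);

        // No setX509HostnameVerifier call: the component's default verifier stays
        // active, so the certificate should name the host or IP address it is
        // served on (subjectAltName) for the handshake to succeed.
        return https.createEndpoint(url);
    }
}
```

Setting the parameters on the shared https4 component applies them to every https4 endpoint created from it in that context.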

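Answer 2: (score: 0)

Trying the above, I got: "PKIX path building failed: unable to find valid certification path to requested target", and this proposed solution does not allow me to configure each session dynamically.

I finally found a solution for fully dynamic (per HTTP session) SSL configuration and documented it at Apache camel SSL connection to restful service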