Apache Camel SSL on http4

Camel, Java 1 Minute

When creating a camel route using http, the destination might require a ssl connection with a self signed certificate.

Therefore on our http client we should register a TrustManager that suports the certificate.

In our case we will use the https4 component of Apache Camel
Therefore we should configure the routes and add them to the camel context

RouteBuilder routeBuilder = new RouteBuilder() {
            @Override
            public void configure() throws Exception {
                from("http://localhost")
                        .to("https4://securepage");
            }
        };
routeBuilder.addRoutesToCamelContext(camelContext);

But before we proceed on starting the camel context we should register the trust store on the component we are going to use.
Therefore we should implement a function for creating an ssl context with the trustore.
Supposed the jks file that has the certificate imported is located on the root of our classpath.

   private void registerTrustStore(CamelContext camelContext) {

        try {
            KeyStore truststore = KeyStore.getInstance("JKS");
            truststore.load(getClass().getClassLoader().getResourceAsStream("example.jks"), "changeit".toCharArray());

            TrustManagerFactory trustFactory = TrustManagerFactory.getInstance("SunX509");
            trustFactory.init(truststore);

            SSLContext sslcontext = SSLContext.getInstance("TLS");
            sslcontext.init(null, trustFactory.getTrustManagers(), null);

            SSLSocketFactory factory = new SSLSocketFactory(sslcontext, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

            SchemeRegistry registry = new SchemeRegistry();
            final Scheme scheme = new Scheme("https4", 443, factory);
            registry.register(scheme);


            HttpComponent http4 = camelContext.getComponent("https4", HttpComponent.class);
            http4.setHttpClientConfigurer(new HttpClientConfigurer() {

                @Override
                public void configureHttpClient(HttpClientBuilder builder) {

                    builder.setSSLSocketFactory(factory);

                    Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
                            .register("https", factory)
                            .build();

                    HttpClientConnectionManager connectionManager = new  BasicHttpClientConnectionManager(registry);

                    builder.setConnectionManager(ccm);
                }
            });
        } catch (IOException e) {
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (CertificateException e) {
            e.printStackTrace();
        } catch (KeyStoreException e) {
            e.printStackTrace();
        } catch (KeyManagementException e) {
            e.printStackTrace();
        }
    }

After that our route would be able to access the destination securly.

Advertisement

Published by Emmanouil Gkatziouras

Published

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.