-
-
Save aelkz/58fde51984c1301ed7341c6f51d7193c to your computer and use it in GitHub Desktop.
A Demo/example showing SSL/TLS Customization with Camel
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <beans xmlns="http://www.springframework.org/schema/beans" | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xsi:schemaLocation=" | |
| http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd | |
| http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd"> | |
| <camelContext xmlns="http://camel.apache.org/schema/spring"> | |
| <routeBuilder ref="javaRouter" /> | |
| </camelContext> | |
| <bean id="javaRouter" class="demo.JavaRouter" /> | |
| </beans> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package demo; | |
| import org.apache.camel.CamelContext; | |
| import org.apache.camel.Endpoint; | |
| import org.apache.camel.builder.RouteBuilder; | |
| import org.apache.camel.component.http4.HttpComponent; | |
| import org.apache.camel.util.jsse.KeyManagersParameters; | |
| import org.apache.camel.util.jsse.KeyStoreParameters; | |
| import org.apache.camel.util.jsse.SSLContextParameters; | |
| import org.apache.camel.util.jsse.TrustManagersParameters; | |
| import org.apache.http.conn.ssl.AllowAllHostnameVerifier; | |
| public class JavaRouter extends RouteBuilder { | |
| @Override | |
| public void configure() throws Exception { | |
| Endpoint httpsEndpoint = setupSSLConext(getContext()); | |
| from("timer:demo") | |
| .to(httpsEndpoint) | |
| .choice() | |
| .when(simple("${headers.CamelHttpResponseCode} == 200")) | |
| .log("Success") | |
| .otherwise() | |
| .log("Failed"); | |
| } | |
| private Endpoint setupSSLConext(CamelContext camelContext) throws Exception { | |
| KeyStoreParameters keyStoreParameters = new KeyStoreParameters(); | |
| // Change this path to point to your truststore/keystore as jks files | |
| keyStoreParameters.setResource("/etc/ssl/demo.jks"); | |
| keyStoreParameters.setPassword("password"); | |
| KeyManagersParameters keyManagersParameters = new KeyManagersParameters(); | |
| keyManagersParameters.setKeyStore(keyStoreParameters); | |
| keyManagersParameters.setKeyPassword("password"); | |
| TrustManagersParameters trustManagersParameters = new TrustManagersParameters(); | |
| trustManagersParameters.setKeyStore(keyStoreParameters); | |
| SSLContextParameters sslContextParameters = new SSLContextParameters(); | |
| sslContextParameters.setKeyManagers(keyManagersParameters); | |
| sslContextParameters.setTrustManagers(trustManagersParameters); | |
| HttpComponent httpComponent = camelContext.getComponent("https4", HttpComponent.class); | |
| httpComponent.setSslContextParameters(sslContextParameters); | |
| //This is important to make your cert skip CN/Hostname checks | |
| httpComponent.setX509HostnameVerifier(new AllowAllHostnameVerifier()); | |
| return httpComponent.createEndpoint("https4:demo.example.com"); | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package demo; | |
| import org.apache.camel.CamelContext; | |
| import org.apache.camel.Endpoint; | |
| import org.apache.camel.builder.RouteBuilder; | |
| import org.apache.camel.component.http4.HttpComponent; | |
| import org.apache.camel.util.jsse.KeyManagersParameters; | |
| import org.apache.camel.util.jsse.KeyStoreParameters; | |
| import org.apache.camel.util.jsse.SSLContextParameters; | |
| import org.apache.camel.util.jsse.TrustManagersParameters; | |
| import org.apache.http.conn.ssl.AbstractVerifier; | |
| import org.apache.http.conn.ssl.AllowAllHostnameVerifier; | |
| import org.apache.http.conn.ssl.X509HostnameVerifier; | |
| import javax.net.ssl.SSLException; | |
| import javax.net.ssl.SSLSession; | |
| import javax.net.ssl.SSLSocket; | |
| import java.io.IOException; | |
| import java.security.cert.X509Certificate; | |
| public class JavaRouter2 extends RouteBuilder { | |
| @Override | |
| public void configure() throws Exception { | |
| Endpoint httpsEndpoint = setupSSLConext(getContext()); | |
| from("timer:demo") | |
| .to(httpsEndpoint) | |
| .choice() | |
| .when(simple("${headers.CamelHttpResponseCode} == 200")) | |
| .log("Success") | |
| .otherwise() | |
| .log("Failed"); | |
| } | |
| private Endpoint setupSSLConext(CamelContext camelContext) throws Exception { | |
| KeyStoreParameters keyStoreParameters = new KeyStoreParameters(); | |
| // Change this path to point to your truststore/keystore as jks files | |
| keyStoreParameters.setResource("/etc/ssl/demo.jks"); | |
| keyStoreParameters.setPassword("password"); | |
| KeyManagersParameters keyManagersParameters = new KeyManagersParameters(); | |
| keyManagersParameters.setKeyStore(keyStoreParameters); | |
| keyManagersParameters.setKeyPassword("password"); | |
| TrustManagersParameters trustManagersParameters = new TrustManagersParameters(); | |
| trustManagersParameters.setKeyStore(keyStoreParameters); | |
| SSLContextParameters sslContextParameters = new SSLContextParameters(); | |
| sslContextParameters.setKeyManagers(keyManagersParameters); | |
| sslContextParameters.setTrustManagers(trustManagersParameters); | |
| HttpComponent httpComponent = camelContext.getComponent("https4", HttpComponent.class); | |
| httpComponent.setSslContextParameters(sslContextParameters); | |
| //This is important to make your cert skip CN/Hostname checks | |
| httpComponent.setX509HostnameVerifier(new X509HostnameVerifier() { | |
| @Override | |
| public void verify(String s, SSLSocket sslSocket) throws IOException { | |
| } | |
| @Override | |
| public void verify(String s, X509Certificate x509Certificate) throws SSLException { | |
| } | |
| @Override | |
| public void verify(String s, String[] strings, String[] strings1) throws SSLException { | |
| } | |
| @Override | |
| public boolean verify(String s, SSLSession sslSession) { | |
| //I don't mind just return true for all or you can add your own logic | |
| return true; | |
| } | |
| }); | |
| return httpComponent.createEndpoint("https4:localhost"); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment