-1

Context of my problem :

I'm working with apache camel in servicemix, and i'm developing a bundle. In this bundle, the following endpoint is defined in a route : 

<to uri="https4://URL_I_WANT_TO_CONNECT_TO?proxyAuthHost=MY_PROXY_HOST_NAME&amp;proxyAuthPort=MY_PROXY_PORT&amp;sslContextParameters=mySslContextParameters" />

As you can see in the value of the "uri" attribute, i use a HTTP proxy.

My goal is to do a HTTP POST request to the "URL_I_WANT_TO_CONNECT_TO". I've been given 3 certificates (3 ".cer" files, and according to the names of these files i guess there is one for the server, one for the CA and one for CA intermediate). Let's name these 3 certificates "cert_server.cer", "cert_ca.cer", and "cert_ca_intermediate.cer".

I created a file named "keystore.jks" using the tool "keytool". This creation was done by executing the three following commands in this order :

keytool -import -keystore keystore.jks -file cert_server.cer -alias "server"
keytool -import -keystore keystore.jks -file cert_ca.cer -alias "ca"
keytool -import -keystore keystore.jks -file cert_ca_intermediate.cer -alias "ca_intermediate"

Note : i used the same password for all certificates

Then i added the file "keystore.jks" and the 3 certificates in the java project corresponding to my bundle, and defined the following sslContextParameters (which is referenced in the value of the "uri" attribute of the previously defined endpoint) in the blueprint file of my bundle :

<sslContextParameters id="mySslContextParameters"
    xmlns="http://camel.apache.org/schema/blueprint">
    <keyManagers keyPassword="abcde">
        <keyStore resource="/key/keystore.jks" password="abcde" />
    </keyManagers>
</sslContextParameters>

The problem is that it doesn't work (i don't manage to connect to "URL_I_WANT_TO_CONNECT_TO"), and the only information i have is the following log message : "Error : Remote host closed connection during handshake". I have no idea how to solve the problem.

Could the HTTP proxy be the source of the problem?

Thank you for any help.

Best regards

рüффп
  • 5,172
  • 34
  • 67
  • 113
ouazzani nabil
  • 1
  • 4
  • 1
    http://stackoverflow.com/questions/30352681/convert-cer-certificate-to-jks – sinclair Mar 18 '16 at 14:10
  • Have a read of the [keytool](https://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html) documentation in addition to the mentioned SO thread. The http4 component [documentation](http://camel.apache.org/http4.html) has a paragraph on 'Calling using GET or POST'. – Ralf Mar 18 '16 at 14:14
  • thank you for your answers, but i don't know if i have to put each certificate in its own jks file or put all the certificates in the same jks file... what do you think about it? – ouazzani nabil Mar 18 '16 at 15:28
  • I did it programmatically and it solved the problem :) – ouazzani nabil Mar 24 '16 at 08:37

1 Answers1

-1

If your certificates are used to contact the SSL server (and not to authenticate), have a look at TrustManagersParameters (and not KeyStoreParameters).

http://camel.apache.org/camel-configuration-utilities.html#CamelConfigurationUtilities-TrustManagersParameters

Cyril Beslay
  • 151
  • 7
  • I use this in my sslContextParameters now, but didn't solve the problem – ouazzani nabil Mar 23 '16 at 10:36
  • Link-only answers are not helpful when the content moves or changes. You should include the relevant parts of the link in your answer, tailored to answer the question, and use the link as reference only. – miken32 Aug 31 '16 at 21:04