Русский English Tags View Sergey Zolotaryov's profile on LinkedIn Sign-in
Centralized SSL configuration in Camel
Permanent link 21-12-2016 anydoby java camel

As you may already know Camel recommends using the JSSE Utility in order to configure SSL/TLS in components like HTTP, Jetty, CXF and others where you might want to have traffic encrypted. There's an example of it, however a vanilla one


<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:camel="http://camel.apache.org/schema/spring"
       xsi:schemaLocation="
       http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
       http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd">
 
  <camel:sslContextParameters
      id="mySslContext">
 
    <camel:keyManagers
        keyPassword="keyPassword">
      <camel:keyStore
          resource="/users/home/server/keystore.jks"
          password="keystorePassword"/>
    </camel:keyManagers>
 
    <camel:serverParameters
        clientAuthentication="WANT"/>
 
  </camel:sslContextParameters>
 
</beans>

is not mentioning that when you try to replace hard coded file names and passwords into something more production ready like ${mykeystore.file}, it will not work out. Since we have a Spring issue with inconsistent properties resolving for namespace handlers, bla-bla. There's however a link to a certain home grown PropertyPlaceholder, which we of course don't want to change our project to. I honestly tried using it and replaced the ${} into {{}}, to no avail - the property placeholders did not resolve at all. That's why I made a crazy attempt to


  <bean id="camelSslContext" class="org.apache.camel.util.jsse.SSLContextParameters">
    <property name="keyManagers">
      <bean class="org.apache.camel.util.jsse.KeyManagersParameters">
        <property name="keyPassword" value="${myKeyPassword}" />
        <property name="keyStore">
          <bean class="org.apache.camel.util.jsse.KeyStoreParameters">
            <property name="resource" value="${myKeystoreFile}" />
            <property name="type" value="JKS" />
            <property name="password" value="${myKeystorePassword}" />
            <property name="camelContext" ref="camelContext" />
          </bean>
        </property>
        <property name="camelContext" ref="camelContext" />
      </bean>
    </property>
    <property name="camelContext" ref="camelContext" />
  </bean>

?

PROFIT.

Now we can use Spring placeholders and get a Camel native SSL configuration anywhere in the context. A route using it would look like this:


jetty:https://localhost:8080/mywebsite?sslContextParameters=#camelSslContext

So no more buddy tag handlers from Camel. Wire it with Spring.

Add a comment

Previous article 100 reasons to love MS SQL (reason 1)