[
https://issues.apache.org/jira/browse/CAMEL-23784?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Claus Ibsen updated CAMEL-23784:
--------------------------------
Fix Version/s: 4.21.0
> camel-splunk-hec: mark skipTlsVerify with security="insecure:ssl"
> -----------------------------------------------------------------
>
> Key: CAMEL-23784
> URL: https://issues.apache.org/jira/browse/CAMEL-23784
> Project: Camel
> Issue Type: Improvement
> Components: camel-splunk-hec
> Reporter: Andrea Cosentino
> Assignee: Andrea Cosentino
> Priority: Major
> Fix For: 4.21.0
>
>
> h3. Problem
> When {{skipTlsVerify=true}}, camel-splunk-hec wires a trust-all SSL context
> plus a NoopHostnameVerifier, disabling TLS validation. The
> {{@UriParam(label="security")}} on the option does not carry the {{security =
> "insecure:ssl"}} marker that Camel uses to flag TLS-disabling options (per
> design/security.adoc), so tooling and the security tooling profile cannot
> detect it.
> h3. Evidence
> *
> components/camel-splunk-hec/src/main/java/org/apache/camel/component/splunkhec/SplunkHECConfiguration.java:46-47
> (skipTlsVerify field/UriParam)
> h3. Suggested fix
> Add security = "insecure:ssl" to the @UriParam on skipTlsVerify; regenerate
> component metadata/catalog/endpoint-dsl.
> h3. Acceptance criteria
> * skipTlsVerify @UriParam carries security = "insecure:ssl"
> * Generated component JSON, catalog and endpoint-dsl are regenerated and
> committed
> * No functional change to the option
> _Created by Claude Code on behalf of Andrea Cosentino._
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
