Thanks very much! I will update my environment today.

As for the question about the test case, I don't know enough about SSL (yet)
to understand why connection to this particular third-party server fails for
me. I will need to get back to you on this.

thanks again,
Gareth



Ashwin Karpe wrote:
> 
> Hi,
> 
> I have committed a fix based on your change request. You should now be able
> to check out the latest changes from the trunk.
> 
> Cheers,
> 
> Ashwin...
> 
> 
> Gareth Collins wrote:
>> 
>> Hello,
>> 
>> Would it be possible to make the TrustManager optional for Netty SSL
>> support? I made a change in my local version of camel-netty and it works
>> for me (file org.apache.camel.component.netty.ssl.SSLEngineFactory -
>> replacement for the original SSLEngineFactory constructor):
>> 
>> public SSLEngineFactory(File keyStoreFile, File trustStoreFile, char[] passphrase) throws Exception {
>>     super();
>>
>>     KeyStore ks = KeyStore.getInstance("JKS");
>>     ks.load(IOConverter.toInputStream(keyStoreFile), passphrase);
>>
>>     KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
>>     kmf.init(ks, passphrase);
>>
>>     sslContext = SSLContext.getInstance(SSL_PROTOCOL);
>>
>>     if (trustStoreFile != null) {
>>         KeyStore ts = KeyStore.getInstance("JKS");
>>         ts.load(IOConverter.toInputStream(trustStoreFile), passphrase);
>>
>>         TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
>>         tmf.init(ts);
>>         sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
>>     } else {
>>         sslContext.init(kmf.getKeyManagers(), null, null);
>>     }
>> }
>> 
>> I ask for this as I have to contact a server where SSL will not work
>> properly if a TrustManager is installed. If this could go in before CAMEL
>> 2.3 it would be much appreciated.
>> 
>> A couple of questions about the netty implementation:
>> 
>> (1) Is there a reason why JKS was hardcoded here, rather than allowing
>> the key store format to be configured?
>> 
>> (2) When I add the TrustManager using netty for the connection where it
>> could not be used, netty throws me no exception, the connection remains
>> open, but the messages I send do not get to the server. If I connect
>> directly using an SSLSocket I see a javax.net.ssl.SSLHandshakeException.
>> Is there something I am missing here?
>> 
>> thanks in advance,
>> Gareth Collins
>> 
> 
> 

-- 
View this message in context: 
http://old.nabble.com/Make-TrustManager-Optional-When-Using-SSL-For-Netty-tp28186386p28219136.html
Sent from the Camel - Users mailing list archive at Nabble.com.
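
An added example, not code from this thread or from camel-netty: per the `SSLContext.init` Javadoc, a `null` TrustManager array makes JSSE pick the highest-priority installed implementation, so peers are still validated against the platform's default trust anchors rather than being trusted unconditionally. The class and method names below are hypothetical; the keystore type is a parameter instead of a hardcoded `"JKS"`.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class OptionalTrustStoreDemo {

    // Hypothetical helper: load a keystore of a configurable type ("JKS", "PKCS12", ...).
    static KeyStore load(String type, String path, char[] pass) throws Exception {
        KeyStore ks = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, pass);
        }
        return ks;
    }

    // A null trustStore selects the platform default anchors; it does not disable validation.
    static TrustManager[] trustManagers(KeyStore trustStore) throws Exception {
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        return tmf.getTrustManagers();
    }

    static SSLContext build(KeyStore keyStore, char[] keyPass, KeyStore trustStore) throws Exception {
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, keyPass);
        SSLContext ctx = SSLContext.getInstance("TLS");
        // Passing the trust managers explicitly makes the fallback visible to reviewers.
        ctx.init(kmf.getKeyManagers(), trustManagers(trustStore), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Usage: java OptionalTrustStoreDemo [type path password]; without args an
        // empty in-memory keystore (constructed for this demo) stands in for the key store.
        KeyStore keys = KeyStore.getInstance(KeyStore.getDefaultType());
        keys.load(null, null);
        char[] pass = new char[0];
        if (args.length == 3) {
            pass = args[2].toCharArray();
            keys = load(args[0], args[1], pass);
        }
        SSLContext ctx = build(keys, pass, null);
        for (TrustManager tm : trustManagers(null)) {
            if (tm instanceof X509TrustManager) {
                int n = ((X509TrustManager) tm).getAcceptedIssuers().length;
                System.out.println(ctx.getProtocol() + " context, default trust anchors: " + n);
            }
        }
    }
}
```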
