Reputation: 13
How to overide keystore alias in sslContextParameter in camel
We are trying to use SSLContextParameter in camel 2.22.0 with Tomcat for https4 request.
Our goal is to use only one keystore for private/public key with multiple alias. We load the spring ssContextParameter while camel is loading, and we want to use only alias when we define hhtps4 Endpoint, without defining a new sslContextParameter for each Endpoint in our route (~50 routes).
<camel:sslContextParameters id="sslAPPContextParameters"
xmlns="http://camel.apache.org/schema/spring" >
<camel:trustManagers>
<camel:keyStore password="${truststore.jks.file.password}"
resource="${truststore.jks.file.location}" />
</camel:trustManagers>
<camel:keyManagers>
<camel:keyStore password="${keystore.jks.file.password}"
resource="${keystore.jks.file.location}" />
</camel:keyManagers>
</camel:sslContextParameters>
</beans>
Is it possible ? I found "sslContextParameters/@certAlias" but it seems to need a new sslContextParameter definition to use it, which is not my need due to our huge number of camelRoute.
Thanks in advance.
Upvotes: 0
Views: 1721
Answers (1)
Reputation: 3913
As far as i know:
- There is one (and only one) cert alias per sslContextParameters instance
- The HTTP4 component supports only one instance of SSLContextParameters per component (clearly explained in http://camel.apache.org/http4.html)
This means that your Camel routes are sharing the same SSL conf, and it would therefore not be a good idea to override the cert alias in multiple places (and with a different value).
I'm afraid the only solution is to define N variants of the HTTP component accompanied by its corresponding SSL conf:
<bean id="httpX" class="org.apache.camel.component.http4.HttpComponent">
<property name="sslContextParameters" ref="sslContextParams1"/>
</bean>
<bean id="httpY" class="org.apache.camel.component.http4.HttpComponent">
<property name="sslContextParameters" ref="sslContextParams2"/>
</bean>
and later use the appropriate one in your https endpoints
Upvotes: 2
Related Questions
- How I can tell alias of the wanted key-entry to SSLSocket before connecting?
- How to handle alias in TrustStore
- How to externalise sslContextParameters
- How do I configure sslContextParameters for camel-undertow to use with the rest DSL?
- how to add jks file while invoking Restful serice through camel
- Camel Property-Placeholder: Not able to configure `camel:sslContextParameters` with nested properties
- Adding SSL keystore password as alias in domain.xml
- Get certificate by alias in keystore with multiple entries in Java
- How to specify outbound certificate alias for HTTPS-calls?
- Java SSL Client Auth: How to select alias in Keystore?