namalfernandolk

Reputation: 9134

SSLException: Unrecognized SSL message, plaintext connection? error while sending https POST in Camel via PROXY

I'm trying to connect to an external https endpoint using the Camel https4 component through a proxy. For this I set up a Squid proxy on Linux (18.04).

According to the reference [http://camel.apache.org/http4.html], I noted that this can be done using the proxyAuthHost and proxyAuthPort params. So I tried it with the URL given below:

https4://endpoint-ssl-url.com/path/to/resource?proxyAuthPort=xxxx&proxyAuthHost=192.168.xxx.xxx&bridgeEndpoint=true

But it gives "javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?" continuously. I tried a number of ways, as mentioned below, but the result is the same.

Can anyone give a hint on this based on your experience / expertise?

Attempt 1 : Using PoolingHttpClientConnectionManager

Code :

@ApplicationScoped
@ContextName("camel_cdi_context")
public class HTTPRouter extends RouteBuilder {

    @Override
    public void configure() throws Exception {

        errorHandler(deadLetterChannel("direct:error"));

        try {

            SSLContext sslContext = new SSLContextBuilder()
                    .loadTrustMaterial(null, new TrustStrategy() {
                        public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
                            System.out.println("HTTPRouter.configure().new TrustStrategy() {...}.isTrusted()");
                            return true;
                        }
                    })
                    .build();

            final SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext);

            HttpComponent http4 = getContext().getComponent("https4", HttpComponent.class);
            http4.setHttpClientConfigurer(new HttpClientConfigurer() {

                @Override
                public void configureHttpClient(HttpClientBuilder builder) {

                    builder.setSSLSocketFactory(sslsf);

                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-1");
                    Registry<ConnectionSocketFactory> r = RegistryBuilder.<ConnectionSocketFactory>create()
                            .register("http", PlainConnectionSocketFactory.getSocketFactory())
                            .register("https", sslsf)
                            .build();
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-2");
                    HttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(r);
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-3");
                    builder.setConnectionManager(cm);
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-4");
                }
            });

        } catch (Exception e) {
            e.printStackTrace();
        }

        from("direct:http")
            // prepare request payload
            // set url to header
            // set other connection properties (eg : Connection Method, Header etc)
            .choice()
            .when(header("url").contains("?"))
                .toD("${header.url}&throwExceptionOnFailure=false")
            .endChoice()
            .otherwise()
                .toD("${header.url}?throwExceptionOnFailure=false")
            .endChoice()
        .end()
        .convertBodyTo(String.class)
        // process on the response

    }

}

Log :

[org.apache.camel.component.http4.HttpComponent] Created ClientConnectionManager org.apache.http.impl.conn.PoolingHttpClientConnectionManager@2516c8e0
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-1
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-2
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-3
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-4
[org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: default
[org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection request: [route: {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection leased: [id: 10][route: {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]
[org.apache.http.impl.execchain.MainClientExec] Opening connection {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connecting to /192.168.xxx.xxx:xxxx
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Connecting socket to /192.168.xxx.xxx:xxxx with timeout 0
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled protocols: [TLSv1, TLSv1.1, TLSv1.2]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, MORE_CIPHERS ...]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake
[org.apache.http.impl.conn.DefaultManagedHttpClientConnection] http-outgoing-30: Shutdown connection
[org.apache.http.impl.execchain.MainClientExec] Connection discarded
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection released: [id: 10][route: {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
[ERROR] Exchange[Id: ID-xxxx-xxx-37655-1534782529403-63-2, ExchangePattern: InOnly, Properties: {CamelCreatedTimestamp=Tue Aug 21 01:54:27 UTC 2018, CamelExceptionCaught=javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?, CamelFailureEndpoint=https4://endpoint-ssl-url.com/path/to/resource?proxyAuthPort=xxxx&throwExceptionOnFailure=false&proxyAuthHost=192.168.xxx.xxx, CamelFailureRouteId=route221, CamelFatalFallbackErrorHandler=[route221], CamelFilterMatched=true, CamelMessageHistory=[REMOVED...], CamelToEndpoint=log://ERROR?showAll=true}, Headers: {Accept=application/json, Accept-Encoding=gzip, Authorization=Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==, breadcrumbId=ID-xxxxx-xxx-37655-1534782529403-63-1, CamelFileName=null, CamelFileNameProduced=/xxxxxx/path/to/payloads/2018-08-21/message-id-x-[EXT-Request]-2018-08-21-015427600.json, CamelHttpMethod=POST, Content-Type=application/x-www-form-urlencoded, doLogFiles=true, dontLogErrorFiles=false, messageId=message-id-x, messageName=message-name-x, routeId=direct-http, specialRq=true, specialRs=true, url=https4://endpoint-ssl-url.com/path/to/resource?proxyAuthPort=xxxx&proxyAuthHost=192.168.xxx.xxx}, BodyType: String, Body: grant_type=client_credentials&scope=DUMMYSCOPE, CaughtExceptionType: javax.net.ssl.SSLException, CaughtExceptionMessage: Unrecognized SSL message, plaintext connection?, StackTrace: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
    at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:710)
    at sun.security.ssl.InputRecord.read(InputRecord.java:527)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
    at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359)
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:389)
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
    at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
    at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
    at org.apache.camel.component.http4.HttpProducer.executeMethod(HttpProducer.java:334)
    at org.apache.camel.component.http4.HttpProducer.process(HttpProducer.java:193)

Attempt 2 : Using BasicHttpClientConnectionManager

Code :

@ApplicationScoped
@ContextName("camel_cdi_context")
public class HTTPRouter extends RouteBuilder {

    @Override
    public void configure() throws Exception {

        errorHandler(deadLetterChannel("direct:error"));

        try {

            TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    System.out.println("HTTPRouter.configure()");
                    return null;
                }
                public void checkClientTrusted(X509Certificate[] certs, String authType) {
                }
                public void checkServerTrusted(X509Certificate[] certs, String authType) {
                }
            }
            };

            SSLContext sslContext = SSLContext.getInstance("SSL");
            sslContext.init(null, trustAllCerts, new java.security.SecureRandom());

            HostnameVerifier allHostsValid = new HostnameVerifier() {
                public boolean verify(String hostname, SSLSession session) {
                    System.out.println("HTTPRouter.configure().new HostnameVerifier() {...}.verify()");
                    return true;
                }
            };

            final SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new String[]{"TLSv1.2", "TLSv1.1", "TLSv1", "SSLv3"}, null, allHostsValid);

            HttpComponent http4 = getContext().getComponent("https4", HttpComponent.class);
            http4.setHttpClientConfigurer(new HttpClientConfigurer() {

                @Override
                public void configureHttpClient(HttpClientBuilder builder) {
                    builder.setSSLSocketFactory(sslConnectionSocketFactory);
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 1");
                    Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
                            .register("https", sslConnectionSocketFactory)
                            .build();
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 2");
                    HttpClientConnectionManager connectionManager = new BasicHttpClientConnectionManager(registry);
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 3");
                    builder.setConnectionManager(connectionManager);
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 4");
                }
            });

        } catch (Exception e) {
            e.printStackTrace();
        }

        from("direct:http")
            // prepare request payload
            // set url to header
            // set other connection properties (eg : Connection Method, Header etc)
            .choice()
            .when(header("url").contains("?"))
                .toD("${header.url}&throwExceptionOnFailure=false")
            .endChoice()
            .otherwise()
                .toD("${header.url}?throwExceptionOnFailure=false")
            .endChoice()
        .end()
        .convertBodyTo(String.class)
        // process on the response

    }

}

Log :

[org.apache.camel.component.http4.HttpComponent] Created ClientConnectionManager org.apache.http.impl.conn.PoolingHttpClientConnectionManager@2bb0862
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 1
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 2
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 3
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 4
[org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: default
[org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
[org.apache.http.impl.conn.BasicHttpClientConnectionManager] Get connection for route {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443
[org.apache.http.impl.execchain.MainClientExec] Opening connection {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connecting to /192.168.xxx.xxx:xxxx
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Connecting socket to /192.168.xxx.xxx:xxxx with timeout 0
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled protocols: [SSLv3, TLSv1, TLSv1.1, TLSv1.2]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, MORE_CIPHERS ...]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake
[org.apache.http.impl.conn.DefaultManagedHttpClientConnection] http-outgoing-31: Shutdown connection
[org.apache.http.impl.execchain.MainClientExec] Connection discarded
[org.apache.http.impl.conn.BasicHttpClientConnectionManager] Releasing connection [Not bound]
[ERROR] Exchange[Id: ID-xxxxx-xxx-37655-1534782529403-65-2, ExchangePattern: InOnly, Properties: {CamelCreatedTimestamp=Tue Aug 21 01:58:30 UTC 2018, CamelExceptionCaught=javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?, CamelFailureEndpoint=https4://endpoint-ssl-url.com/path/to/resource?proxyAuthPort=xxxx&throwExceptionOnFailure=false&proxyAuthHost=192.168.xxx.xxx, CamelFailureRouteId=route228, CamelFatalFallbackErrorHandler=[route228], CamelFilterMatched=true, CamelMessageHistory=[REMOVED...], CamelToEndpoint=log://ERROR?showAll=true}, Headers: {Accept=application/json, Accept-Encoding=gzip, Authorization=Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, breadcrumbId=ID-namal-pc-37655-1534782529403-65-1, CamelFileName=null, CamelFileNameProduced=/xxxxxx/path/to/payloads/2018-08-21/message-id-x-[EXT-Request]-2018-08-21-015830349.json, CamelHttpMethod=POST, Content-Type=application/x-www-form-urlencoded, doLogFiles=true, dontLogErrorFiles=false, messageId=message-id-x, messageName=message-name-x, routeId=direct-http, specialRq=true, specialRs=true, url=https4://endpoint-ssl-url.com/path/to/resource?proxyAuthPort=xxxx&proxyAuthHost=192.168.xxx.xxx}, BodyType: String, Body: grant_type=client_credentials&scope=DUMMYSCOPE, CaughtExceptionType: javax.net.ssl.SSLException, CaughtExceptionMessage: Unrecognized SSL message, plaintext connection?, StackTrace: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
    at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:710)
    at sun.security.ssl.InputRecord.read(InputRecord.java:527)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
    at org.apache.http.impl.conn.BasicHttpClientConnectionManager.connect(BasicHttpClientConnectionManager.java:323)
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:389)
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
    at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
    at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
    at org.apache.camel.component.http4.HttpProducer.executeMethod(HttpProducer.java:334)
    at org.apache.camel.component.http4.HttpProducer.process(HttpProducer.java:193)

Attempt 3 : Mix of above two approaches

Result : same exception

Attempt 4 : Using HttpURLConnection

I did this as a controlled test and it succeeded.

Code :

private void testViaHttpUrlConnection() throws Exception {

        System.setProperty("jsse.enableSNIExtension", "false");

        ByteArrayOutputStream   baos                = null;
        String                  requestPayload      = "<payload...>";
        String                  url                 = "https://endpoint-ssl-url.com/path/tp/resource";
        int                     connectionTimeOut   = 45;
        int                     readTimeOut         = 30;
        String                  responsePayload     = null;
        String                  proxyIp             = "192.168.xxx.xxx";
        int                     proxyPort           = xxxx;

        try {

            baos = new ByteArrayOutputStream();
            baos.write(((String)requestPayload).getBytes());

            TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
                public void checkClientTrusted(X509Certificate[] certs, String authType) {
                }
                public void checkServerTrusted(X509Certificate[] certs, String authType) {
                }
            }
            };

            SSLContext sc = SSLContext.getInstance("SSL");
            sc.init(null, trustAllCerts, new java.security.SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

            HostnameVerifier allHostsValid = new HostnameVerifier() {
                public boolean verify(String hostname, SSLSession session) {
                    return true;
                }
            };

            HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);

            URL                     mUrl    = new URL(url);

            URLConnection           ucon    = null;

            Proxy proxy_server = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyIp, proxyPort));

            ucon = mUrl.openConnection(proxy_server);

            HttpURLConnection con               = (HttpURLConnection) ucon;

            con.setConnectTimeout(connectionTimeOut * 1000);
            con.setReadTimeout(readTimeOut*1000);
            con.setDoOutput(true);
            con.setUseCaches(false);
            con.setDoInput(true);
            con.setRequestMethod("POST");
            con.setRequestProperty("Content-Type","application/x-www-form-urlencoded");

            baos.writeTo(con.getOutputStream());

            InputStream responseStream = null;
            ByteArrayOutputStream baosRsp = null;

            try {

                responseStream                  = con.getInputStream();

                baosRsp = new ByteArrayOutputStream();
                byte[] buffer = new byte[4096];
                int length = 0;
                while ((length = responseStream.read(buffer)) != -1) {
                    baosRsp.write(buffer, 0, length);
                }

                responsePayload = new String(baosRsp.toByteArray());

            }finally {
                try{responseStream.close();}catch (Exception e) { responseStream = null;}
                try{baosRsp.close();}catch (Exception e) { baosRsp = null;}
            }

        }finally {
            try{baos.close();}catch (Exception e) { baos = null;}
        }

    }

Attempt 5 : Without proxy and without trust managers - working fine

Attempt 6 : Without proxy and above Attempt 1 - working fine

Log :

[org.apache.camel.component.http4.HttpComponent] Created ClientConnectionManager org.apache.http.impl.conn.PoolingHttpClientConnectionManager@7800e6b6
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-1
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-2
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-3
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-4
[org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: default
[org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection request: [route: {s}->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection leased: [id: 11][route: {s}->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]
[org.apache.http.impl.execchain.MainClientExec] Opening connection {s}->https://endpoint-ssl-url.com:443
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connecting to endpoint-ssl-url.com/xxx.xxx.xxx.xxx:443
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Connecting socket to endpoint-ssl-url.com/xxx.xxx.xxx.xxx:443 with timeout 0
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled protocols: [TLSv1, TLSv1.1, TLSv1.2]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, MORE_CIPHERS ...]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake
[stdout] HTTPRouter.configure().new TrustStrategy() {...}.isTrusted()
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Secure session established
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated protocol: TLSv1.2
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer principal: CN=endpoint-ssl-url.com, OU=Software Engineering Services, O=Telstra Corporation Limited, L=Melbourne, ST=Victoria, C=AU
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer alternative names: [endpoint-ssl-url.com]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  issuer principal: CN=QuoVadis Global SSL ICA G3, O=QuoVadis Limited, C=BM
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connection established 192.168.xxx.xxx:50230<->xxx.xxx.xxx.xxx:443
[org.apache.http.impl.execchain.MainClientExec] Executing request POST /path/to/resource HTTP/1.1
[org.apache.http.impl.execchain.MainClientExec] Proxy auth state: UNCHALLENGED
[org.apache.http.headers] http-outgoing-34 >> POST /path/to/resource HTTP/1.1
[org.apache.http.headers] http-outgoing-34 >> Accept: application/json
[org.apache.http.headers] http-outgoing-34 >> Accept-Encoding: gzip

Attempt 7 : Without proxy and above Attempt 2 - working fine

Log :

[org.apache.camel.component.http4.HttpComponent] Created ClientConnectionManager org.apache.http.impl.conn.PoolingHttpClientConnectionManager@21c33b01
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 1
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 2
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 3
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 4
[org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: default
[org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
[org.apache.http.impl.conn.BasicHttpClientConnectionManager] Get connection for route {s}->https://endpoint-ssl-url.com:443
[org.apache.http.impl.execchain.MainClientExec] Opening connection {s}->https://endpoint-ssl-url.com:443
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connecting to endpoint-ssl-url.com/xxx.xxx.xxx.xxx:443
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Connecting socket to endpoint-ssl-url.com/xxx.xxx.xxx.xxx:443 with timeout 0
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled protocols: [SSLv3, TLSv1, TLSv1.1, TLSv1.2]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, MORE_CIPHERS ...]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake
[stdout] HTTPRouter.configure()
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Secure session established
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated protocol: TLSv1.2
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer principal: CN=endpoint-ssl-url.com, OU=Software Engineering Services, O=Telstra Corporation Limited, L=Melbourne, ST=Victoria, C=AU
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer alternative names: [endpoint-ssl-url.com]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  issuer principal: CN=QuoVadis Global SSL ICA G3, O=QuoVadis Limited, C=BM
[stdout] HTTPRouter.configure().new HostnameVerifier() {...}.verify()
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connection established 192.168.xxx.xxx:57748<->xxx.xxx.xxx.xxx:443
[org.apache.http.impl.execchain.MainClientExec] Executing request POST /path/to/resource HTTP/1.1
[org.apache.http.impl.execchain.MainClientExec] Proxy auth state: UNCHALLENGED
[org.apache.http.headers] http-outgoing-32 >> POST /path/to/resource HTTP/1.1

Attempt - 8 : Tried another http endpoint with the http4 component in the same way and it succeeded.

Attempt - 9 : Tried using the to() component directly as well, but got the same results.

Upvotes: 3

Views: 10695

Answers (1)

namalfernandolk

Reputation: 9134

Attempt 10 : I succeeded in this attempt with system properties. But I'm still seeking a solution other than via system properties. Posting here for the community. So, if there are any further findings, please leave an answer or comment.

Add these proxy settings as system properties, as shown below.

System.setProperty("http.proxyHost", "192.168.xxx.xxx");
System.setProperty("http.proxyPort", "xxxx");
System.setProperty("https.proxyHost", "192.168.xxx.xxx");
System.setProperty("https.proxyPort", "xxxx");

OR

-Dhttp.proxyHost=192.168.xxx.xxx -Dhttp.proxyPort=xxxx -Dhttps.proxyHost=192.168.xxx.xxx -Dhttps.proxyPort=xxxx

Set the useSystemProperties flag to true in the URL as below.

https4://endpoint-ssl-url.com/path/to/resource?useSystemProperties=true

Then it works fine, as shown in the log below.

Log :

[org.apache.camel.component.http4.HttpComponent] Created ClientConnectionManager org.apache.http.impl.conn.PoolingHttpClientConnectionManager@1aee22a3
[org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: default
[org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection request: [route: {tls}->http://192.168.xxx.xxx:3128->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 0 of 20; total allocated: 0 of 200]
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection leased: [id: 0][route: {tls}->http://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 1 of 20; total allocated: 1 of 200]
[org.apache.http.impl.execchain.MainClientExec] Opening connection {tls}->http://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connecting to /192.168.xxx.xxx:xxxx
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connection established 192.168.xxx.xxx:xxxx<->192.168.xxx.xxx:xxxx
[org.apache.http.headers] http-outgoing-0 >> CONNECT endpoint-ssl-url.com:443 HTTP/1.1
[org.apache.http.headers] http-outgoing-0 >> Host: endpoint-ssl-url.com
[org.apache.http.headers] http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_151)
[org.apache.http.wire] http-outgoing-0 >> "CONNECT endpoint-ssl-url.com:443 HTTP/1.1[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Host: endpoint-ssl-url.com[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_151)[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "HTTP/1.1 200 Connection established[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "[\r][\n]"
[org.apache.http.headers] http-outgoing-0 << HTTP/1.1 200 Connection established
[org.apache.http.impl.execchain.MainClientExec] Tunnel to target created.
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled protocols: [TLSv1, TLSv1.1, TLSv1.2]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, MORE CIPHERS...]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Secure session established
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated protocol: TLSv1.2
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer principal: CN=endpoint-ssl-url.com, OU=Software Engineering Services, O=Telstra Corporation Limited, L=Melbourne, ST=Victoria, C=AU
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer alternative names: [endpoint-ssl-url.com]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  issuer principal: CN=QuoVadis Global SSL ICA G3, O=QuoVadis Limited, C=BM
[org.apache.http.impl.execchain.MainClientExec] Executing request POST /path/to/resource HTTP/1.1
[org.apache.http.headers] http-outgoing-0 >> POST /path/to/resource HTTP/1.1
[org.apache.http.headers] http-outgoing-0 >> Accept: application/json
[org.apache.http.headers] http-outgoing-0 >> Accept-Encoding: gzip
[org.apache.http.headers] http-outgoing-0 >> Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[org.apache.http.headers] http-outgoing-0 >> breadcrumbId: xxxxxxxxxxxxxxxxxxxxxxx
[org.apache.http.headers] http-outgoing-0 >> doLogFiles: true
[org.apache.http.headers] http-outgoing-0 >> dontLogErrorFiles: false
[org.apache.http.headers] http-outgoing-0 >> messageId: message-x-id
[org.apache.http.headers] http-outgoing-0 >> messageName: message-x-name
[org.apache.http.headers] http-outgoing-0 >> routeId: direct-http
[org.apache.http.headers] http-outgoing-0 >> specialRq: true
[org.apache.http.headers] http-outgoing-0 >> specialRs: true
[org.apache.http.headers] http-outgoing-0 >> url: https4://endpoint-ssl-url.com/path/to/resource?useSystemProperties=true
[org.apache.http.headers] http-outgoing-0 >> Content-Length: 49
[org.apache.http.headers] http-outgoing-0 >> Content-Type: application/x-www-form-urlencoded
[org.apache.http.headers] http-outgoing-0 >> Host: endpoint-ssl-url.com
[org.apache.http.headers] http-outgoing-0 >> Connection: Keep-Alive
[org.apache.http.headers] http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_151)
[org.apache.http.wire] http-outgoing-0 >> "POST /path/to/resource HTTP/1.1[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Accept: application/json[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Accept-Encoding: gzip[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "breadcrumbId: xxxxxxxxxxxxxxxxxxxxxxx[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "doLogFiles: true[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "dontLogErrorFiles: false[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "messageId: message-x-id[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "messageName: message-x-name[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "routeId: direct-http[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "specialRq: true[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "specialRs: true[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "url: https4://endpoint-ssl-url.com/path/to/resource?useSystemProperties=true[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Content-Length: 49[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Content-Type: application/x-www-form-urlencoded[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Host: endpoint-ssl-url.com[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Connection: Keep-Alive[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_151)[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "grant_type=client_credentials&scope=DUMMYSCOPE"
[org.apache.http.wire] http-outgoing-0 << "HTTP/1.1 200 OK[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Date: Tue, 21 Aug 2018 04:11:35 GMT[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Content-Type: application/json; charset=UTF-8[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Content-Length: 72[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Connection: keep-alive[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Access-Control-Allow-Origin: *[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Cache-Control: no-cache,no-store,must-revalidate[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Pragma: no-cache[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Expires: 0[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Strict-Transport-Security: max-age=31536000; includeSubDomains;[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "{ "xxxx_xxxxx": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "xxxx_xxxxx": "xxxx" }"
[org.apache.http.headers] http-outgoing-0 << HTTP/1.1 200 OK
[org.apache.http.headers] http-outgoing-0 << Date: Tue, 21 Aug 2018 04:11:35 GMT
[org.apache.http.headers] http-outgoing-0 << Content-Type: application/json; charset=UTF-8
[org.apache.http.headers] http-outgoing-0 << Content-Length: 72
[org.apache.http.headers] http-outgoing-0 << Connection: keep-alive
[org.apache.http.headers] http-outgoing-0 << Access-Control-Allow-Origin: *
[org.apache.http.headers] http-outgoing-0 << Cache-Control: no-cache,no-store,must-revalidate
[org.apache.http.headers] http-outgoing-0 << Pragma: no-cache
[org.apache.http.headers] http-outgoing-0 << Expires: 0
[org.apache.http.headers] http-outgoing-0 << Strict-Transport-Security: max-age=31536000; includeSubDomains;
[org.apache.http.impl.execchain.MainClientExec] Connection can be kept alive indefinitely
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection [id: 0][route: {tls}->http://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443] can be kept alive indefinitely
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection released: [id: 0][route: {tls}->http://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443][total kept alive: 1; route allocated: 1 of 20; total allocated: 1 of 200]
[com.integration.processors.base.http.HttpResponseProcessor] process(). is started
[com.integration.processors.base.common.InterfaceProcessor] loadMessageData().messageId : message-x-id | messageName : message-x-name
[com.integration.processors.base.http.HttpResponseProcessor] process(). httpResponseCode : 200 | httpResponseText : OK
[com.integration.processors.interfaces.http.message-x-nameResponseProcessor] decodeResponse().rootNode : {"xxxx_xxxxx":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx","xxxx_xxxxx":"xxxx"}
[com.integration.processors.interfaces.http.message-x-nameResponseProcessor] decodeResponse().xxxx_xxxxx : xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
[com.integration.processors.base.http.HttpResponseProcessor] process().outResponseBody : {"RESULT":{"condition":"good","severity":"good","summury":"Message X successful","detail":"{ \"xxxx_xxxxx\": \"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx\", \"xxxx_xxxxx\": \"xxxx\" }\nxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMessage X successful\n"},"OUTPUTS":{"xxxx_xxxxx":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx","FAILURE_REASON":null},"SUCCESS":true}

Upvotes: 0
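A way to triage HttpClient 4.x DEBUG output like the log above, as an added example that is not part of the original post: it checks that the CONNECT tunnel through the plaintext proxy hop was created before the TLS handshake and the request. The function name, the verdict strings and the `BAD` sample are constructed for illustration, and reading the exception as "TLS sent to a port that answers in plaintext" is the usual cause, assumed here.

```python
import re

# Markers as they appear in Apache HttpClient 4.x DEBUG logs (see the log above).
EVENTS = {
    "tunnel": re.compile(r"Tunnel to target created"),
    "handshake": re.compile(r"Starting handshake"),
    "secure": re.compile(r"Secure session established"),
    "request": re.compile(r"Executing request "),
    "ssl_error": re.compile(r"Unrecognized SSL message, plaintext connection\?"),
}
# route: {flags}->scheme://proxy->scheme://target
ROUTE = re.compile(r"route: \{(?P<flags>[^}]*)\}->(?P<proxy>\w+)://\S+?->(?P<target>\w+)://")

def triage(lines):
    """Classify one connection attempt from its log lines (hypothetical helper)."""
    first, route = {}, None          # event name -> index of its first occurrence
    for i, line in enumerate(lines):
        for name, pat in EVENTS.items():
            if pat.search(line):
                first.setdefault(name, i)
        if route is None:
            m = ROUTE.search(line)
            route = m.groupdict() if m else None
    order = [first.get(k) for k in ("tunnel", "handshake", "secure", "request")]
    if "ssl_error" in first and "tunnel" not in first:
        verdict = "tls-to-plaintext-peer"   # handshake hit a port speaking plain HTTP
    elif None not in order and order == sorted(order):
        verdict = "tunnelled-tls-ok"        # CONNECT first, TLS inside the tunnel
    elif "handshake" in first and "tunnel" not in first:
        verdict = "direct-tls-no-tunnel"    # proxy settings were not applied
    else:
        verdict = "inconclusive"
    return {"verdict": verdict, "route": route}

# Lines copied from the successful log above.
GOOD = [
    r'[org.apache.http.wire] http-outgoing-0 << "HTTP/1.1 200 Connection established[\r][\n]"',
    "[org.apache.http.impl.execchain.MainClientExec] Tunnel to target created.",
    "[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake",
    "[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Secure session established",
    "[org.apache.http.impl.execchain.MainClientExec] Executing request POST /path/to/resource HTTP/1.1",
    "[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection [id: 0]"
    "[route: {tls}->http://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443] can be kept alive indefinitely",
]
# Constructed failing sample: handshake starts with no tunnel in front of it.
BAD = [
    "[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake",
    "javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?",
]

if __name__ == "__main__":
    print(triage(GOOD))
    print(triage(BAD))
```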
