tusharRawat

How to configure TLSv1.2 on Camel's http component to call an external service?

Below is the configured route I am using to call an external service.

services_routes.xml

<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:context="http://www.springframework.org/schema/context"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    http://www.springframework.org/schema/context
    http://www.springframework.org/schema/context/spring-context-3.0.xsd
    http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd">


    <routeContext id="servicesCommonRoutes"
        xmlns="http://camel.apache.org/schema/spring">

        <route id="Route">
            <from uri="direct:route" />
            <marshal>
                <custom ref="Request" />
            </marshal>
            <setHeader name="Content-Type" inheritErrorHandler="true">
                <constant>application/json</constant>
            </setHeader>
            <setHeader name="CamelHttpMethod">
                <constant>POST</constant>
            </setHeader>
            <to uri="{{svrRouteEndpoint}}" />
            <unmarshal>
                <custom ref="Response" />
            </unmarshal>
        </route>

    </routeContext>
</beans> 

application.properties

svrRouteEndpoint=https://vpce-somehost.awazonaws.com/endpoint
svrApiKey=0123abcd

Service.java

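import java.util.HashMap;
import java.util.Map;

import org.apache.camel.CamelExecutionException;
import org.apache.camel.ProducerTemplate;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;

public class Service {

    @Autowired
    private ProducerTemplate template;

    // API key read from application.properties
    @Value("${svrApiKey}")
    private String svrApiKey;

    // Sends the request through the direct:route Camel route and returns the unmarshalled response
    public Response process(Request req, Map<String, Object> headers) throws CamelExecutionException {
        Response response = template.requestBodyAndHeaders("direct:route", req, headers, Response.class);
        return response;
    }

    // Builds the headers for the call; only x-api-key is set
    public Map<String, Object> createHeaders(String xWuExternalrefid) {
        Map<String, Object> headers = new HashMap<>();
        headers.put("x-api-key", svrApiKey);
        return headers;
    }
}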

Issue:

Now, using the above route, when I try to access the service hosted on amazon-aws with the vpce URL provided, I am getting a Forbidden response code = "403" with {"message" : "Forbidden"}.

There are no other headers required to access the service except "x-api-key", so there is a possibility that somehow the TLS version is not matching at client vs server side.

I need to call the service with producerTemplate, but for that I need to configure/ensure TLSv1.2 on the Camel client.

So how do I configure (XML) TLSv1.2 on my routes in service_routes.xml (with minimum configuration), such that the producerTemplate/Camel client is able to access the service, and enforce SSL to be TLSv1.2?

Upvotes: 0

Views: 844
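
One way to pin the Camel HTTP producer to TLSv1.2 in Spring XML, added here as an example and not part of the original question. It assumes Camel 3.x or later with camel-http, where the endpoint accepts an `sslContextParameters` option; the bean id `tls12Only` is a name chosen for this example.

```xml
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:camel="http://camel.apache.org/schema/spring"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans.xsd
           http://camel.apache.org/schema/spring
           http://camel.apache.org/schema/spring/camel-spring.xsd">

    <!-- JSSE settings for outbound HTTPS calls.
         The id "tls12Only" is an assumption made for this example. -->
    <camel:sslContextParameters id="tls12Only">
        <!-- Only TLSv1.2 is enabled on the socket, so the handshake cannot fall back to an older version. -->
        <camel:secureSocketProtocols>
            <camel:secureSocketProtocol>TLSv1.2</camel:secureSocketProtocol>
        </camel:secureSocketProtocols>
        <!-- No trustManagers element is declared: the JVM default trust store is used
             and server certificate validation stays enabled. -->
    </camel:sslContextParameters>

    <routeContext id="servicesCommonRoutes" xmlns="http://camel.apache.org/schema/spring">
        <route id="Route">
            <from uri="direct:route" />
            <marshal>
                <custom ref="Request" />
            </marshal>
            <setHeader name="Content-Type">
                <constant>application/json</constant>
            </setHeader>
            <setHeader name="CamelHttpMethod">
                <constant>POST</constant>
            </setHeader>
            <!-- Before: uri="{{svrRouteEndpoint}}" (JVM default protocol set).
                 After: the endpoint references the TLSv1.2-only bean declared above. -->
            <to uri="{{svrRouteEndpoint}}?sslContextParameters=#tls12Only" />
            <unmarshal>
                <custom ref="Response" />
            </unmarshal>
        </route>
    </routeContext>
</beans>
```

With this pinning in place, a server that does not offer TLSv1.2 causes the call to fail with a handshake exception on the client instead of returning an HTTP status.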

Answers (0)
