THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
| Code Block |
|---|
KeyStoreParameters ksp = new KeyStoreParameters();
ksp.setResource("/users/home/server/keystore.jks");
ksp.setPassword("keystorePassword");
KeyManagersParameters kmp = new KeyManagersParameters();
kmp.setKeyStore(ksp);
kmp.setKeyPassword("keyPassword");
FilterParameters filter = new FilterParameters();
filter.getInclude().add(".*");
SSLContextClientParameters sccp = new SSLContextClientParameters();
sccp.setCipherSuitesFilter(filter);
SSLContextParameters scp = new SSLContextParameters();
scp.setClientParameters(sccp);
scp.setKeyManagers(kmp);
SSLContext context = scp.createSSLContext();
SSLEngine engine = scp.createSSLEngine();
|
Using Camel Property Placeholders
This configuration utility fully supports the use of property placeholders (see Using PropertyPlaceholder) in all configuration fields. In order to support this feature, the configuration utility objects must be configured with a reference to a Camel context. All of the utility classes except for CipherSuitesParameters and SecureSocketProtocolsParameters provide a setter method for providing the context reference. Do not confuse the lack of a setter on CipherSuitesParameters and SecureSocketProtocolsParameters as an indication that you cannot use property placeholders when configuring these classes. The lack of a setter is an internal implementation detail and full placeholder support is available for both of the configuration classes.
In this example, both the client and server sides share the same custom key store; however, the client side allows any supported cipher suite while the server side will use the default cipher suite filter and exclude any cipher suites that match the patterns .*NULL.* and .*anon.*.KeyStoreParameters ksp = new KeyStoreParameters();
ksp.setResource("/users/home/server/keystore.jks");
ksp.setPassword("keystorePassword");
KeyManagersParameters kmp = new KeyManagersParameters();
kmp.setKeyStore(ksp);
kmp.setKeyPassword("keyPassword");
FilterParameters filter = new FilterParameters();
filter.getInclude().add(".*");
SSLContextClientParameters sccp = new SSLContextClientParameters();
sccp.setCipherSuitesFilter(filter);
SSLContextParameters scp = new SSLContextParameters();
scp.setClientParameters(sccp);
scp.setKeyManagers(kmp);
SSLContext context = scp.createSSLContext();
SSLEngine engine = scp.createSSLEngine();
XML Configuration
| Info |
|---|
Note that XML configuration is supported in both Spring and Blueprint format. |
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:camel="http://camel.apache.org/schema/spring"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd">
<camel:sslContextParameters
id="mySslContext">
<camel:keyManagers
keyPassword="keyPassword">
<camel:keyStore
resource="/users/home/server/keystore.jks"
password="keystorePassword"/>
</camel:keyManagers>
<camel:serverParameters
clientAuthentication="WANT"/>
</camel:sslContextParameters>
</beans>
|
Configuring Different Options on the Client and Server Side
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0">
xmlns:camel="http://camel.apache.org/schema/blueprint">
<camel:sslContextParameters
id="mySslContext">
<camel:keyManagers
keyPassword="keyPassword">
<camel:keyStore
resource="/users/home/server/keystore.jks"
password="keystorePassword"/>
</camel:keyManagers>
<camel:clientParameters>
<camel:cipherSuitesFilter>
<camel:include>.*</camel:include>
</camel:cipherSuitesFilter>
</camel:clientParameters>
</camel:sslContextParameters>
</blueprint>
|