Setting up SSL with multiple private key

atiouajni
Hi all,

My name is Anisse. I'm a new user of Apache Camel and I hope you will help me with my case.

I'm trying to configure an HTTPS connection using the https4 component. But let's talk about my need first:
  - I have 3 services that use the TLS protocol (FR, EN and ES).
  - My route will forward the request to these services depending on the HTTP path (e.g. /mypath/fr will send a request to the FR service)

I tested 3 use cases and I encountered an issue with one of them:
  - When I have 1 keystore and 3 private keys, all with the same password => OK
  - When the password of the keystore is different from the private key password (all private keys have the same password) => OK
  - When the keystore and private keys have different passwords => KO

This is the Java code used for my SSLContext:

// KeyStoreParameters, KeyManagersParameters, TrustManagersParameters and
// SSLContextParameters are in org.apache.camel.util.jsse (Camel 2.x).
private SSLContextParameters createSSLContextParameters(
        final SslInformations infos) {
    // Keystore holding the client private keys
    KeyStoreParameters ksp = new KeyStoreParameters();
    log.info("{} : ", infos.getKeystoreRep());
    ksp.setResource(infos.getKeystoreRep());
    ksp.setPassword(infos.getKeystorePwd());

    // A single key password is applied to the whole keystore
    KeyManagersParameters kmp = new KeyManagersParameters();
    kmp.setKeyStore(ksp);
    kmp.setKeyPassword(infos.getKeyPassword());

    // Truststore used to validate the remote services
    KeyStoreParameters truststore = new KeyStoreParameters();
    log.info("{} : ", infos.getTruststoreRep());
    truststore.setResource(infos.getTruststoreRep());
    truststore.setPassword(infos.getTruststorePwd());
    TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(truststore);

    SSLContextParameters scp = new SSLContextParameters();
    scp.setKeyManagers(kmp);
    // Select the key to present, when an alias is configured
    if (infos.getKeyAlias() != null) {
        log.info("alias de la cle {}", infos.getKeyAlias());
        scp.setCertAlias(infos.getKeyAlias());
    }
    scp.setTrustManagers(trustManagers);

    return scp;
}

Is it an issue or a limitation?


Thank you.
Anisse.
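
Added example, not part of the original post and not Camel's own code: the JSSE call `KeyManagerFactory.init(KeyStore, char[])` accepts one key password for the whole keystore, just as `setKeyPassword` above takes a single value, so one way to handle keys with differing passwords is to re-protect them under a common password in memory first. The class name `UnifyKeyPasswords`, the method `unify` and the JKS keystore type are assumptions made for this sketch.

```java
import java.io.Console;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.util.Collections;
import java.util.function.Function;
import javax.net.ssl.KeyManagerFactory;

public class UnifyKeyPasswords {

    // Copy every key entry into an in-memory keystore, re-protected with one common password.
    // keyPwd (hypothetical callback) returns the current password for a given alias.
    static KeyStore unify(KeyStore src, Function<String, char[]> keyPwd, char[] common) throws Exception {
        KeyStore dst = KeyStore.getInstance(src.getType());
        dst.load(null, null); // start from an empty in-memory keystore
        for (String alias : Collections.list(src.aliases())) {
            if (!src.isKeyEntry(alias)) continue; // skip trusted-certificate entries
            // getKey throws UnrecoverableKeyException when the per-key password is wrong
            dst.setKeyEntry(alias, src.getKey(alias, keyPwd.apply(alias)), common,
                    src.getCertificateChain(alias));
        }
        return dst;
    }

    // Usage: java UnifyKeyPasswords <path-to-JKS-keystore>
    public static void main(String[] args) throws Exception {
        Console con = System.console(); // prompt for secrets instead of taking them as arguments
        if (con == null) throw new IllegalStateException("run from an interactive terminal");
        KeyStore src = KeyStore.getInstance("JKS"); // assumption: the keystore is JKS
        try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
            src.load(in, con.readPassword("keystore password: "));
        }
        char[] common = con.readPassword("common key password to apply: ");
        KeyStore unified = unify(src, alias -> con.readPassword("password for key '%s': ", alias), common);

        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(unified, common); // one password now recovers every key
        System.out.println("key managers created: " + kmf.getKeyManagers().length);
    }
}
```

To use the result with the code in the post, the unified keystore can be written out with `KeyStore.store(...)` and referenced through `setResource`, with the common password given to `setKeyPassword`.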