We have to connect out java camel application with an external system over https. In the middle we have a proxy, but this proxy only accepts http connections.
I have configured http and https proxies in the camel context but it seems that this does not help. The http4s component runs into connection closed exception. So I configured the proxy directly at the https4 endpoint. This configuration works but it seems that the component wants to communicate over https with our proxy and I receive this exception.
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
I inspect the debug log and I can see this log entry which indicates that the connection to the proxy is done over https
[DEBUG]: org.apache.http.impl.conn.PoolingHttpClientConnectionManager - Connection request: [route: {tls}->https://<proxy>:<port>->https://<3rdPartySystem>:443][total kept alive: 0; route allocated: 0 of 20; total allocated: 0 of 200]
here the camel component configuration
to("https4:<3rdPartySystem>/services/oauth2/token?proxyAuthHost=...&proxyAuthPort=...")
So my question is: How can I configure a proxy in java in a way that https traffic is done over http between the java app and the proxy. From proxy to the 3rd party system communication should be done over https.
By the way the "old" http-camel component works perfect with the same proxy.
use proxyAuthScheme=http to avoid the SSLException
Related
Is there a timeout setting for requests stored in the apache tomcat request queue? If yes, what is the default value for the embedded tomcat in spring boot?
When configuring a web server, it also might be useful to set the server connection timeout. This represents the maximum amount of time the server will wait for the client to make their request after connecting before the connection is closed.
You may specify this property in your application.properties as follows.
server.connection-timeout=5s
I have deployed an application in weblogic managed server which internally connects to cloud network, since this application where I deployed is a secured network so it should connect via proxy and hence I need to configure the proxy url settings in weblogic, I added below settings in server start option in weblogic managed server however application is getting fail to start.
For Example:-
Source Ip:- SourceIp
Destination Ip:- DestIP(which is configured in application properties file)
Proxy Url :- ProxyIp
Proxy port :- 8080
Configuration done in managed server as per below.
-Dhttp.proxyHost= ProxyIp-Dhttp.proxyPort=8080 -Dhttps.proxyHost=ProxyIp-Dhttps.proxyPort=8080 -Dhttp.nonProxyHosts=SourceIp
Note:- If I deploy the application in non secured network where I do not need to configure any proxy works fine and application gets started. I am expecting post proxy configuration in web logic, my app should up and running.However I get below error:
DestIp failed: Connection timed out (Connection timed out)
I'm developing a service that sends messages to a RabbitMQ instance but the connectino has to be done through a proxy.
Is there a way to configure the connection so I can set up the host and port of the proxy as you can do when using RestTemplate but for RabbitTemplate?
Any help would be really appreciated,
Regards
I am trying to use AsyncHttpClient with a proxy server configuration to connect using wss and am having no luck. I've been using async-http-client 1.7.5 and grizzly-websockets 2.2.13 My first attempt
AsyncHttpClientConfig config = new AsyncHttpClientConfig.Builder()
.setSSLContext(sc)
.setProxyServer(
new ProxyServer(Protocol.HTTP, "192.168.1.130", 3128))
.build();
NettyWebSocket w = (NettyWebSocket)c.prepareGet("wss://192.168.1.124/atmosphere-chat/chat")
.execute(handler).get();
using the default netty configuration fails to work, This attempt appears to at least go through the proxy and connect to the remote server. The exception I get there is
java.lang.IllegalArgumentException: unsupported message type: class org.jboss.netty.handler.codec.http.websocketx.TextWebSocketFrame
When I switch to using grizzly through
AsyncHttpClient c = new AsyncHttpClient(new GrizzlyAsyncHttpProvider(config), config);
Things are better/worse. In this instance it appears that grizzly fails to send the connect verb through the http proxy, and instantly starts communicating via ssl, which fails. I would think this would be a well supported situation because of the increased likelyhood that a websocket connection would work through a proxy when using SSL. ]
Exception in thread "main" java.util.concurrent.ExecutionException: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
Am I way outside the bounds of what should be working?
Turns out this was a bug in AHC ( https://github.com/sonatype/async-http-client/issues/131#issuecomment-7745037 ) That gets fixed in 1.8.0.
I am a beginner with SSL/HTTPS. Hopefully, this isn't a dumb question.
I am writing a web service client that runs on JBOSS 4.3 which communicates with an external web service over https. I have generated the client using the wsimport tool (JAX-WS) that now comes with JDK 1.6. I am sucesfully able to communicate with the web service but I keep getting this warning message in the logs:
WARN [HTTPClientInvoker] Unable to create SSL Socket Factory for client invoker: Error initializing socket factory SSL context: Can not find truststore url.
From what I understand, as long as the JDK recognizes the certificate (CA) that the service provider is using, there should be no problem with the communication over https. I see that the service provider is using Equifax Secure. I checked my jdk and see that it's already there by default. I am also able to communicate with the service provider but I can't figure out why I am getting the warning message. I read elsewhere that I can potentially solve this problem by setting:
javax.net.ssl.keyStore and javax.net.ssl.trustStore in my jboss run.conf
I'm not sure why I need to do this when my jdk already trusts this certificate. Can someone explain to me why I'm getting this warning message even though my communication is going through. Aslo, can someone explain to me when someone should set the two configuration (javax.net.ssl.keyStore and javax.net.ssl.trustStore) above ?
Thanks.
See JBoss JIRA:
Error creating SSL Socket Factory for client invoker: Error initializing socket factory SSL context: Can not find truststore url.
https://issues.jboss.org/browse/TEIID-1133?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs