JBoss ESB：使用具有安全端点且无密钥库的 HTTPRouter

发布于 2024-12-03 17:22:10 字数 738 浏览 4 评论 0原文

我正在尝试创建一个 HTTPRouter 操作（在 esb 内），它将一些 XML 发送到外部 URL。该 URL 是安全的，但有一个自签名证书，我没有该证书的密钥库。下面是我编写的用于设置 HTTPRouter 的 XML。

在 ht.props 文件中只有一个属性集。我将协议套接字工厂定义为 SelfSignedSSLProtocolSocketFactoryBuilder。

#HttpProtocol Config...
protocol-socket-factory=org.jboss.soa.esb.http.protocol.SelfSignedSSLProtocolSocketFactoryBuilder

当我部署 ESB 时，出现以下错误：

org.jboss.soa.esb.ConfigurationException: Failed to locate keystore '/keystore'

阅读有关该主题的各个论坛，似乎 HTTPRouter 操作需要定义密钥库文件。如前所述，我没有，因为外部端点不是由我自己创建或控制的。有没有办法让 HTTPRouter 操作适用于未定义密钥库的安全端点？我定义端点的方式正确吗？

非常感谢提供的任何帮助！

谢谢

原文

I am attempting to create a HTTPRouter action (within an esb) which sends some XML to an external URL. The URL is secure, but has a self signed certificate which I do not have the keystore for. Below is the XML I'm writing to set up the HTTPRouter.

http://pastebin.com/FmFYU5e4

In the ht.props file there is only one property set. I am defining the protocol socket factory to be the SelfSignedSSLProtocolSocketFactoryBuilder.

#HttpProtocol Config...
protocol-socket-factory=org.jboss.soa.esb.http.protocol.SelfSignedSSLProtocolSocketFactoryBuilder

When I deploy the ESB, I am getting the following error:

org.jboss.soa.esb.ConfigurationException: Failed to locate keystore '/keystore'

Reading around the various forums on the topic, it seems that the HTTPRouter action wants a keystore file to be defined. As mentioned, I do not have one as the external endpoint is not created or controlled by myself. Is there a way to get the HTTPRouter action to work for a secure endpoint with no keystore defined? Is the way I am defining the endpoint correct?

Any help provided is greatly appreciated!

Thanks

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

暮光沉寂 2024-12-10 17:22:11

如果没有密钥库，则无法拥有 SelfSignedSSLProtocolSocketFactoryBuilder。使用 JDK keytool 命令创建自签名文件并将其放在正确的路径下：

openssl genrsa -out cert.key 1024 && echo -ne "\n\n\n\n\n$HOSTNAME\nroot@$HOSTNAME\n" | openssl req -new -key cert.key -x509 -out cert.crt -days 999
openssl x509 -outform der -in cert.crt -out cert.der
keytool -import -file cert.der -alias root -keystore /cesta/ke/keystore.jks

我不确定“root”别名。应该可以，但也许您需要不同的别名。更多详细信息如何配置（参数名称）：http://www.java2s.com/Open-Source/Java-Document/JBoss/jbossesb-4.7/org/jboss/soa/esb/http/protocol/AbstractProtocolSocketFactoryBuilder.java.htm

You cannot have SelfSignedSSLProtocolSocketFactoryBuilder without keystore. Create self-signed one using the JDK keytool command and put it under correct path:

openssl genrsa -out cert.key 1024 && echo -ne "\n\n\n\n\n$HOSTNAME\nroot@$HOSTNAME\n" | openssl req -new -key cert.key -x509 -out cert.crt -days 999
openssl x509 -outform der -in cert.crt -out cert.der
keytool -import -file cert.der -alias root -keystore /cesta/ke/keystore.jks

I am not sure about "root" alias. Should work, but maybe you need different alias name. More details how to configure (parameter names): http://www.java2s.com/Open-Source/Java-Document/JBoss/jbossesb-4.7/org/jboss/soa/esb/http/protocol/AbstractProtocolSocketFactoryBuilder.java.htm

回复收藏 0 原文

~没有更多了~