Skip to content

CAMEL-22497: Make HTTPS easier for camel.server#22194

Open
gnodet wants to merge 2 commits intomainfrom
florentine-november
Open

CAMEL-22497: Make HTTPS easier for camel.server#22194
gnodet wants to merge 2 commits intomainfrom
florentine-november

Conversation

@gnodet
Copy link
Contributor

@gnodet gnodet commented Mar 23, 2026
edited
Loading

JIRA: CAMEL-22497

Summary

  • Move SSL configuration (camel.ssl.*) before HTTP server configuration so global SSL context is available when the server is created
  • Auto-enable useGlobalSslContextParameters on both HTTP server and management server when camel.ssl.enabled=true, removing the need to set it separately
  • Generate a self-signed certificate when SSL is enabled but no keystore is configured, enabling HTTPS with a single property for development use

Before (4+ properties needed)

camel.ssl.enabled=true
camel.ssl.keyStore=file:keystore.jks
camel.ssl.keystorePassword=changeit
camel.server.useGlobalSslContextParameters=true

After — minimal for development (1 property)

camel.ssl.enabled=true

After — with keystore for production (3 properties)

camel.ssl.enabled=true
camel.ssl.keyStore=file:keystore.jks
camel.ssl.keystorePassword=changeit

Test plan

  • Added testMainSSLSelfSigned — verifies self-signed cert is generated and a valid SSLContext can be created
  • Added testMainSSLSelfSignedFluent — same test using fluent API
  • Added testSelfSignedCertificateGenerator — unit test for the generator utility
  • All 15 existing SSL tests still pass

@gnodet @claude
CAMEL-22497: Make HTTPS easier for camel.server
c333b35 
- Move SSL configuration before HTTP server configuration so global SSL
  context is available when the server is created
- Auto-enable useGlobalSslContextParameters on HTTP server and management
  server when camel.ssl.enabled=true
- Generate self-signed certificate when SSL is enabled but no keystore
  is configured, for easy development use

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@github-actions
Copy link
Contributor

github-actions bot commented Mar 23, 2026

🌟 Thank you for your contribution to the Apache Camel project! 🌟
🤖 CI automation will test this PR automatically.

🐫 Apache Camel Committers, please review the following items:

  • First-time contributors require MANUAL approval for the GitHub Actions to run
  • You can use the command /component-test (camel-)component-name1 (camel-)component-name2.. to request a test from the test bot although they are normally detected and executed by CI.
  • You can label PRs using build-all, build-dependents, skip-tests and test-dependents to fine-tune the checks executed by this PR.
  • Build and test logs are available in the summary page. Only Apache Camel committers have access to the summary.

⚠️ Be careful when sharing logs. Review their contents before sharing them publicly.

@github-actions github-actions bot added the core label Mar 23, 2026
@gnodet @claude
CAMEL-22497: Address review findings
1e8673d 
- Remove spurious @SuppressWarnings("restriction")
- Replace deprecated Date methods with java.time APIs
- Use wrapTag/encodeLength consistently in buildRdn
- Import StandardCharsets instead of using fully-qualified names
- Add SAN extension (DNS:localhost, IP:127.0.0.1) to self-signed cert
- Reuse SecureRandom instance instead of creating multiple
- Respect explicit camel.server.useGlobalSslContextParameters=false
  by checking if the property was explicitly set before auto-enabling
- Add test verifying SAN extension in generated certificate

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@github-actions
Copy link
Contributor

github-actions bot commented Mar 23, 2026

🧪 CI tested the following changed modules:

  • core/camel-main

ℹ️ Dependent modules were not tested because the total number of affected modules exceeded the threshold (50). Use the test-dependents label to force testing all dependents.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

core

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gnodet