Doing HTTPS communication with http:outbound-gateway

In Spring Integration when using http:outbound-gateway if you have to do https communication, you need to do the following trick,

<int-http:outbound-gateway id="my.outbound.gateway"
request-channel="request-channel" reply-channel="reply-channel"
url="https://localhost:8443/myservice/myService"
http-method="POST"
expected-response-type="java.lang.String">
</int-http:outbound-gateway>

Now you need to pass the keystore and trust store of the client and server as follows,

<bean id="trustStore">
<property name="targetObject" value="#{@systemProperties}" />
<property name="targetMethod" value="putAll" />
<property name="arguments">
<props>
<prop key="javax.net.ssl.trustStore"><jks key location></prop>
<prop key="javax.net.ssl.keyStorePassword">password</prop>
</props>
</property>
</bean>

<bean id="keystore">
<property name="targetObject" value="#{@systemProperties}" />
<property name="targetMethod" value="putAll" />
<property name="arguments">
<props>
<prop key="javax.net.ssl.keyStore"><jks key location></prop>
<prop key="javax.net.ssl.keyStorePassword">password</prop>
</props>
</property>
</bean>

There is also another way as mentioned in this article @ http://forum.springsource.org/showthread.php?115198-HTTPS-in-http-outbound-gateway

I hope this blog helped you.

About these ads

8 thoughts on “Doing HTTPS communication with http:outbound-gateway

  1. ajmal

    Hi, Could you please let me know the configuration on client side which http outbound adapter as beans keystore and truststore are missing the classes. If you have complete example. Could you upload the code. Thanks

    Reply
  2. ajmal

    Thanks, I’m able to configure and it is working fine. Using truststore is enough for communicating with outbound adapter.

    Reply
  3. Sarath

    Hi, Kindly let me know on how can we configure the trustStore and keyStore ? Should it be used in outbound-gateway call ?

    Reply
  4. aironman2k

    Hi Krishna, nice to meet you. could you help me with my issue?. I am trying to use spring integration in order to connect to a https application server, this is the config i am trying to use:

    http://pastebin.com/C6ViGJUN

    i already have the pem file using the terminal and this command:
    openssl s_client -connect api.wheretheiss.at:443 -prexit -showcerts

    this is the output of the command: http://pastebin.com/iJq25dbh

    then, i create a iss.pem file with the content
    —–BEGIN CERTIFICATE—–MIIFKjCCBBKgAwIBAgIDDJeoMA0GCSqGSIb3DQEBBQUAMDwxCzAJBgNVBAYTAlVT
    MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEUMBIGA1UEAxMLUmFwaWRTU0wgQ0Ew
    HhcNMTMwNjE2MTIyMzA0WhcNMTUwNzE4MjE0ODE5WjCBwTEpMCcGA1UEBRMgdFpZ
    ZGpZTE94dm83dHVyL3hBcC1NZ25xMEhFZmkwQ1AxEzARBgNVBAsTCkdUNDMxOTk3
    MzcxMTAvBgNVBAsTKFNlZSB3d3cucmFwaWRzc2wuY29tL3Jlc291cmNlcy9jcHMg
    KGMpMTMxLzAtBgNVBAsTJkRvbWFpbiBDb250cm9sIFZhbGlkYXRlZCAtIFJhcGlk
    U1NMKFIpMRswGQYDVQQDExJhcGkud2hlcmV0aGVpc3MuYXQwggEiMA0GCSqGSIb3
    DQEBAQUAA4IBDwAwggEKAoIBAQDgKgHW50S5xST9ER5sqM1bV/+mNALhEkKbJzeO
    GkxnUkHp9CNV4pK3cmDL611bfz26jnnVhzQ/zYk6kaRmN1hm6bliUUGxQB7pXnHe
    1x3MNTtm9f4eE52+k4/Z1itsuYpUbnrOt2EYlxTxkGvd+hb0hRRsJxyuSfzCuUrI
    fRTL3CUFnJzKPniBX94GECIi6n1IScMpkswacFKVLELupnjduthiNPmBXxh34FGv
    lbdYVNEYcIwf50/o+yJ747d4k9XiB1Sp1BV4MQZI23R5leeKw024T+FNF8jtduAl
    FKVOE1z5LnLGVFAlbSEgUbvio4wybdunh5kQJ3hJqJAaXHADAgMBAAGjggGtMIIB
    qTAfBgNVHSMEGDAWgBRraT1qGEJK3Y8CZTn9NSSGeJEWMDAOBgNVHQ8BAf8EBAMC
    BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdEQQWMBSCEmFw
    aS53aGVyZXRoZWlzcy5hdDBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vcmFwaWRz
    c2wtY3JsLmdlb3RydXN0LmNvbS9jcmxzL3JhcGlkc3NsLmNybDAdBgNVHQ4EFgQU
    yQEiIBSGVo+eYu/Il5JNtPD7ck8wDAYDVR0TAQH/BAIwADB4BggrBgEFBQcBAQRs
    MGowLQYIKwYBBQUHMAGGIWh0dHA6Ly9yYXBpZHNzbC1vY3NwLmdlb3RydXN0LmNv
    bTA5BggrBgEFBQcwAoYtaHR0cDovL3JhcGlkc3NsLWFpYS5nZW90cnVzdC5jb20v
    cmFwaWRzc2wuY3J0MEwGA1UdIARFMEMwQQYKYIZIAYb4RQEHNjAzMDEGCCsGAQUF
    BwIBFiVodHRwOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvY3BzMA0GCSqG
    SIb3DQEBBQUAA4IBAQCKAInFmnSvaZaDxDMV9UU47rw7ionKPwVsIRkfF9MOw3tW
    9yojQ6dQt6Ih9LLQnE/reKcDVWt3D5Ll06dUyDFMzvCpeO/WW2RuUWkDqvllD3C7
    knAS4zRC5PKORTJAMB2rTqKO7JFdSdxINtCmKQLuf9YF2zWfxXl+Y+xsRv3qznBY
    PwldjlzD+VgJJ5t10EY1GeLrgiQZKCD4yy4vQqkoFI0FjsEXMIz/Gpjc8std0n27
    gpDmXeOUtiUeNCu4HluLW8mibH7I/Gh5noOGSdV6N8BQdPG7YzROtW2D6JW0R8Lt
    m66Ds9lG+1T/amUdrSbAZcOjry76mImhYbN1pG6f
    —–END CERTIFICATE—–
    with that pem file i launch the next command using the terminal and changing to the directory file

    MacBook-Pro-Retina-de-Alonso:certificados aironman$ keytool -import -alias iss -file iss.pem -keystore trust.jks
    Introduzca la contraseña del almacén de claves:
    error de herramienta de claves: java.lang.Exception: Certificado no importado, el alias ya existe

    Sorry for the spanish, the terminal it is telling us that the certificate is already saved
    So i can see the cert file in Keychain Access, i am using osx to develop.

    Theorically i am ready to use the cert file in my app, but, if i omit the PASSWORD you provide with my real pass, i am getting this error when i deploy it:

    Caused by: org.xml.sax.SAXParseException; lineNumber: 19; columnNumber: 15; The attribute name “key” associated with an element type “jks” must be followed by ‘=’ character.

    So, i am confused, could you help me a bit, please?

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s