Adds http-ssl example (#130)

Co-authored-by: Croway

Author: mcarlett

README.adoc

@@ -27,7 +27,7 @@ readme's instructions.
 === Examples
 
 // examples: START
-Number of Examples: 56 (0 deprecated)
+Number of Examples: 57 (0 deprecated)
 
 [width="100%",cols="4,2,4",options="header"]
 |===
@@ -133,6 +133,8 @@ Number of Examples: 56 (0 deprecated)
 | link:reactive-streams/readme.adoc[Reactive Streams] (reactive-streams) | Reactive | An example that shows how Camel can exchange data using reactive streams with Spring Boot reactor
 
 
+| link:http-ssl/README.adoc[Http Ssl] (http-ssl) | Rest | An example showing the Camel HTTP component with Spring Boot and SSL
+
 | link:openapi-contract-first/readme.adoc[Openapi Contract First] (openapi-contract-first) | Rest | Contract First OpenAPI example
 
 | link:platform-http/README.adoc[Platform Http] (platform-http) | Rest | An example showing Camel REST DSL with platform HTTP

http-ssl/.gitignore

@@ -0,0 +1,3 @@
+ssl
+*.jks
+*.pem

http-ssl/README.adoc

@@ -0,0 +1,66 @@
+== Spring Boot Example with HTTP and SSL
+
+=== Introduction
+
+This example shows how to configure SSL in different scenarios:
+
+1. one way SSL, the server exposes REST API using SSL and the client trusts the server certificate. The SSL server configuration is managed by Spring Boot and the Camel inherit it, the SSL client configuration is managed by Camel in HTTP component
+2. two ways SSL, the server and the client check both certificates in a mutual trusted handshake
+3. same scenario as point 1 but the server configuration is managed directly in Camel (undertow component) instead of Spring Boot
+
+=== Prerequisites
+
+keytool installed and available on PATH
+
+Generate certificates and keystores
+
+    $ ./generate-certificates.sh
+
+=== Run using one way ssl (server validation on client side)
+
+Start ssl-server in a separate terminal:
+
+    $ mvn spring-boot:run -f ssl-server/pom.xml
+
+Start ssl-client in a separate terminal:
+
+    $ mvn spring-boot:run -f ssl-client/pom.xml
+
+=== Run using two ways ssl (mutual validation)
+
+Start ssl-server in a separate terminal:
+
+    $ mvn spring-boot:run -f ssl-server/pom.xml -Ptwoways
+
+Start ssl-client in a separate terminal:
+
+    $ mvn spring-boot:run -f ssl-client/pom.xml -Ptwoways
+
+=== Run using Camel component as server
+
+Start ssl-camel-server in a separate terminal:
+
+    $ mvn spring-boot:run -f ssl-camel-server/pom.xml
+
+Start ssl-client in a separate terminal:
+
+    $ mvn spring-boot:run -f ssl-client/pom.xml
+
+=== Call service to start handshake
+
+    $ curl http://localhost:8080/ping
+
+==== Tip
+
+to show the full handshake it is possible to add `-Dspring-boot.run.jvmArguments="-Djavax.net.debug=all"` in the start command line
+
+
+=== Help and contributions
+
+If you hit any problem using Camel or have some feedback, then please
+https://camel.apache.org/community/support/[let us know].
+
+We also love contributors, so
+https://camel.apache.org/community/contributing/[get involved] :-)
+
+The Camel riders!

http-ssl/generate-certificates.sh

@@ -0,0 +1,54 @@
+#!/bin/bash
+GEN_DIR="ssl"
+
+K_PASS=pass123
+SERVER_JKS=$GEN_DIR/server.jks
+SERVER_CERT=$GEN_DIR/server.pem
+SERVER_TRUST=$GEN_DIR/server-truststore.jks
+CLIENT_JKS=$GEN_DIR/client.jks
+CLIENT_CERT=$GEN_DIR/client.pem
+CLIENT_TRUST=$GEN_DIR/client-truststore.jks
+
+echo remove directory $GEN_DIR if exists
+[ -e $GEN_DIR ] && rm -rf $GEN_DIR
+
+echo create directory $GEN_DIR
+mkdir -p $GEN_DIR
+
+echo generate server certificates
+keytool -alias server -dname "cn=localhost, ou=ssl-server, o=csb-http-ssl, c=US" -genkeypair -storepass $K_PASS -keyalg RSA -keystore $SERVER_JKS
+
+echo generate client certificates
+keytool -alias client -dname "cn=localhost, ou=ssl-client, o=csb-http-ssl, c=US" -genkeypair -storepass $K_PASS -keyalg RSA -keystore $CLIENT_JKS
+
+echo export server certificates
+keytool -exportcert -alias server -storepass $K_PASS -keystore $SERVER_JKS -rfc -file $SERVER_CERT
+
+echo export client certificates
+keytool -exportcert -alias client -storepass $K_PASS -keystore $CLIENT_JKS -rfc -file $CLIENT_CERT
+
+echo import server in client truststore
+keytool -import -keystore $CLIENT_TRUST -storepass $K_PASS -file $SERVER_CERT -alias server -noprompt -trustcacerts
+
+echo import client in server truststore
+keytool -import -keystore $SERVER_TRUST -storepass $K_PASS -file $CLIENT_CERT -alias client -noprompt -trustcacerts
+
+echo copy $SERVER_JKS in ssl-server/src/main/resources
+[ -e ssl-server/src/main/resources/server.jks ] && rm ssl-server/src/main/resources/server.jks
+cp $SERVER_JKS ssl-server/src/main/resources/server.jks
+
+echo copy $SERVER_TRUST in ssl-server/src/main/resources
+[ -e ssl-server/src/main/resources/server-truststore.jks ] && rm ssl-server/src/main/resources/server-truststore.jks
+cp $SERVER_TRUST ssl-server/src/main/resources/server-truststore.jks
+
+echo copy $CLIENT_JKS in ssl-client/src/main/resources
+[ -e ssl-client/src/main/resources/client.jks ] && rm ssl-client/src/main/resources/client.jks
+cp $CLIENT_JKS ssl-client/src/main/resources/client.jks
+
+echo copy $CLIENT_TRUST in ssl-client/src/main/resources
+[ -e ssl-client/src/main/resources/client-truststore.jks ] && rm ssl-client/src/main/resources/client-truststore.jks
+cp $CLIENT_TRUST ssl-client/src/main/resources/client-truststore.jks
+
+echo copy $SERVER_JKS in ssl-camel-server/src/main/resources
+[ -e ssl-camel-server/src/main/resources/server.jks ] && rm ssl-camel-server/src/main/resources/server.jks
+cp $SERVER_JKS ssl-camel-server/src/main/resources/server.jks

http-ssl/pom.xml

@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+         http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+
+	<parent>
+		<groupId>org.apache.camel.springboot.example</groupId>
+		<artifactId>examples</artifactId>
+		<version>4.7.0-SNAPSHOT</version>
+	</parent>
+
+	<artifactId>camel-example-spring-boot-http-ssl</artifactId>
+	<name>Camel SB Examples :: HTTP SSL</name>
+	<description>An example showing the Camel HTTP component with Spring Boot and SSL</description>
+	<packaging>pom</packaging>
+
+	<properties>
+		<category>Rest</category>
+	</properties>
+
+	<!-- Spring-Boot and Camel BOM -->
+	<dependencyManagement>
+		<dependencies>
+			<dependency>
+				<groupId>org.apache.camel.springboot</groupId>
+				<artifactId>camel-spring-boot-bom</artifactId>
+				<version>${project.version}</version>
+				<type>pom</type>
+				<scope>import</scope>
+			</dependency>
+			<dependency>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-dependencies</artifactId>
+				<version>${spring-boot-version}</version>
+				<type>pom</type>
+				<scope>import</scope>
+			</dependency>
+		</dependencies>
+	</dependencyManagement>
+
+	<modules>
+		<module>ssl-server</module>
+		<module>ssl-client</module>
+		<module>ssl-camel-server</module>
+	</modules>
+
+</project>

http-ssl/ssl-camel-server/pom.xml

@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+         http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+		xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+
+	<parent>
+		<groupId>org.apache.camel.springboot.example</groupId>
+		<artifactId>camel-example-spring-boot-http-ssl</artifactId>
+		<version>4.7.0-SNAPSHOT</version>
+	</parent>
+
+	<artifactId>camel-example-spring-boot-http-ssl-camel-server</artifactId>
+	<name>Camel SB Examples :: HTTP SSL :: SSL Camel server</name>
+	<description>SSL Server using undertow component</description>
+
+	<properties>
+		<category>Rest</category>
+
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+	</properties>
+
+	<dependencies>
+
+		<!-- Camel -->
+		<dependency>
+			<groupId>org.apache.camel.springboot</groupId>
+			<artifactId>camel-spring-boot-starter</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.camel.springboot</groupId>
+			<artifactId>camel-undertow-starter</artifactId>
+		</dependency>
+
+	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-maven-plugin</artifactId>
+				<version>${spring-boot-version}</version>
+				<executions>
+					<execution>
+						<goals>
+							<goal>repackage</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+		</plugins>
+	</build>
+</project>

http-ssl/ssl-camel-server/src/main/java/org/apache/camel/springboot/example/httpssl/HttpSslCamelServerApplication.java

@@ -0,0 +1,28 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.springboot.example.httpssl;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class HttpSslCamelServerApplication {
+
+	public static void main(String[] args) {
+		SpringApplication.run(HttpSslCamelServerApplication.class, args);
+	}
+}

http-ssl/ssl-camel-server/src/main/java/org/apache/camel/springboot/example/httpssl/HttpSslCamelServerRouter.java

@@ -0,0 +1,30 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.springboot.example.httpssl;
+
+import org.apache.camel.builder.RouteBuilder;
+
+import org.springframework.stereotype.Component;
+
+@Component
+public class HttpSslCamelServerRouter extends RouteBuilder {
+	@Override
+	public void configure() throws Exception {
+		from("undertow:https://localhost:8443/ping")
+				.setBody().constant("pong");
+	}
+}

http-ssl/ssl-camel-server/src/main/java/org/apache/camel/springboot/example/httpssl/SSLConfiguration.java

@@ -0,0 +1,47 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.springboot.example.httpssl;
+
+import org.apache.camel.support.jsse.KeyManagersParameters;
+import org.apache.camel.support.jsse.KeyStoreParameters;
+import org.apache.camel.support.jsse.SSLContextParameters;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class SSLConfiguration {
+
+	@Bean("serverConfig")
+	public SSLContextParameters sslContextParameters(@Value("${keystore-password}") final String password) {
+		final SSLContextParameters sslContextParameters = new SSLContextParameters();
+
+		final KeyStoreParameters ksp = new KeyStoreParameters();
+		ksp.setResource("classpath:server.jks");
+		ksp.setPassword(password);
+		ksp.setType("PKCS12");
+
+		KeyManagersParameters kmp = new KeyManagersParameters();
+		kmp.setKeyPassword(password);
+		kmp.setKeyStore(ksp);
+
+		sslContextParameters.setKeyManagers(kmp);
+
+		return sslContextParameters;
+	}
+}