Apache Camel + email: msal4j.AcquireTokenByClientCredentialSupplier fails

Question (votes: 0, answers: 1)

I have an Apache Camel + Camel-email + Spring Boot project. The IMAP route in my Camel context file fails to start, with the error:

org.apache.camel.FailedToStartRouteException: Failed to start route mail-route-imap because of null
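
I added some SSL-specific parameters to application.properties, which I need in order to interact with a backend API. I would like to know why, since the IMAP connection to the Exchange server goes through an OAUTH2 client secret. I would like to know why the `msal4j` library is looking for an SSL handshake when it should be using the `myExchangeAuthenticator` that I pass in the IMAP URL.

P.S.: If I remove the SSL parameters from the application context, the IMAP route works fine.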

ERROR | ForkJoinPool.commonPool-worker-1 | AuthenticationResultSupplier.java logException:155 | [Correlation ID: 272b48e9-bf32-4244-9b4b-61dd0cda568e] Execution of class com.microsoft.aad.msal4j.AcquireTokenByClientCredentialSupplier failed.
com.microsoft.aad.msal4j.MsalClientException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at com.microsoft.aad.msal4j.HttpHelper.executeHttpRequest(HttpHelper.java:53)
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

 ERROR | main | SpringApplication.java reportFailure:818 | Application run failed
org.apache.camel.FailedToStartRouteException: Failed to start route mail-route-imap because of null
        at org.apache.camel.impl.engine.RouteService.setUp(RouteService.java:132)

camel-context.xml

<route id="mail-route-imap" autoStartup="true">     
<from id="office365" uri="imaps://outlook.office365.com:993?authenticator=#myExchangeAuthenticator&amp;debugMode=true&amp;mail.imaps.proxy.host={{proxyHost}}&amp;mail.imaps.proxy.port={{proxyPort}}&amp;mail.imaps.auth.mechanisms=XOAUTH2&amp;disconnect=true" />
<to uri="direct:someProcessChainAhead" />
</route>

application.properties

# Enabling SSL Bench
server.http2.enabled=true
server.ssl.enabled=true
server.ssl.enabl=TLSv1.2,TLSv1.3
server.servlet.session.cookie.secure=true
server.servlet.session.cookie.same-site=strict
server.ssl.trust-store=/some-path-here/truststore.ks
server.ssl.key-alias=nfmt
server.ssl.key-store=/some-path-here/keystore.ks
server.ssl.client-auth=want

MainApplication.java

```java
// Initialize the SSL parameters in the appContext
public static void main(String[] args) {
    MyVaultUtil.initialize();
    // The javax.net.ssl.* system properties apply to the whole JVM
    System.setProperty("javax.net.ssl.trustStore", "/some-path-here/truststore.ks");
    System.setProperty("javax.net.ssl.trustStorePassword", MyVaultUtil.getInstance()
            .getSecret(MyVaultUtil.SecretKeys.truststore_external_password.getKey()));
    System.setProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType());
    System.setProperty("server.ssl.trust-store-password", MyVaultUtil.getInstance()
            .getSecret(MyVaultUtil.SecretKeys.truststore_external_password.getKey()));
    System.setProperty("server.ssl.key-store-password", MyVaultUtil.getInstance()
            .getSecret(MyVaultUtil.SecretKeys.keystore_external_password.getKey()));
    MainApplication.run(MainApplication.class, args);
}

@Bean // initializing inside MainApp
MicrosoftExchangeOnlineOAuth2MailAuthenticator exchangeAuthenticator() {
    return new MicrosoftExchangeOnlineOAuth2MailAuthenticator(tenantId, clientId, clientSecret, userName);
}
```
apache-camel ssl-certificate spring-camel msal4j
1 answer

0 votes

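My Apache Camel + Camel-email + Spring Boot project is a client project. So including these entries in application.properties does not work, and they cannot be set in the Main class either. Instead, I used sslConfig (a dedicated class that initializes the SSLContext for the HTTP client) in the backend service, which makes the certificate-based calls to the backend service.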
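
The approach the answer describes, as an added example that is not code from the original post: setting `javax.net.ssl.trustStore` replaces the default trust store for every HTTPS client in the JVM, so msal4j's token request is validated against the private store as well, whereas a dedicated `SSLContext` keeps the private CA scoped to the backend client. The class `BackendSslConfig`, its method names, and the assumption that the key password equals the keystore password are hypothetical.

```java
import java.io.InputStream;
import java.net.http.HttpClient;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/** Hypothetical helper: TLS settings scoped to the backend API client only. */
public final class BackendSslConfig {

    private BackendSslConfig() {}

    /** Loads a store file; the type is assumed to be the JVM default, as in the question. */
    private static KeyStore load(Path file, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(file)) {
            ks.load(in, password);
        }
        return ks;
    }

    /** Builds an SSLContext from the private stores without touching JVM-wide defaults. */
    public static SSLContext backendContext(Path trustStore, char[] trustPw,
                                            Path keyStore, char[] keyPw) throws Exception {
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load(trustStore, trustPw));

        // Assumption: the private key entry uses the same password as the keystore.
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(load(keyStore, keyPw), keyPw);

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    /** Only this client trusts the private CA; other libraries keep the JDK default trust store. */
    public static HttpClient backendClient(SSLContext ctx) {
        return HttpClient.newBuilder().sslContext(ctx).build();
    }
}
```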
