I want to send my Camel connections through Burp Suite Proxy. I have imported my Burp Suite certificate into cacerts.
The following example does work: the request appears in Burp Suite and the program exits with no errors.
```java
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.URL;

public static void request() {
    try {
        String url = "https://example.com";
        // HTTP proxy pointing at the Burp Suite listener on localhost:8080
        Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("localhost", 8080));
        URL obj = new URL(url);
        HttpURLConnection con = (HttpURLConnection) obj.openConnection(proxy);
        con.setRequestMethod("GET");
        int responseCode = con.getResponseCode();
        System.out.println("Response Code: " + responseCode);
        // Read the response body line by line
        BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));
        String inputLine;
        StringBuilder response = new StringBuilder();
        while ((inputLine = in.readLine()) != null) {
            response.append(inputLine);
        }
        in.close();
        System.out.println("Response Content:");
        System.out.println(response.toString());
    } catch (IOException e) {
        e.printStackTrace();
    }
}
```
Now I want to do the same thing in Camel but I get javax.net.ssl.SSLException: Unsupported or unrecognized SSL message:
2024-07-01T18:55:05,280 my-app DEBUG [Camel (MyCamel) thread #14 - file://data/population/pupil] o.a.c.c.f.GenericFileConsumer.poll(GenericFileConsumer.java:154) Took 1ms to poll: datapopulationpupil
2024-07-01T18:55:05,280 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.c.p.SendProcessor.process(SendProcessor.java:171) >>>> https://example.com Exchange[]
2024-07-01T18:55:05,281 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.c.c.h.HttpProducer.process(HttpProducer.java:273) Executing http GET method: https://example.com
2024-07-01T18:55:05,281 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.h.c.p.RequestAddCookies.process(RequestAddCookies.java:123) CookieSpec selected: default
2024-07-01T18:55:05,281 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.h.c.p.RequestAuthCache.process(RequestAuthCache.java:77) Auth cache not set in the context
2024-07-01T18:55:05,281 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.h.i.c.PoolingHttpClientConnectionManager.requestConnection(PoolingHttpClientConnectionManager.java:267) Connection request: [route: {tls}->https://localhost:8080->https://example.com:443][total available: 0; route allocated: 0 of 20; total allocated: 0 of 200]
2024-07-01T18:55:05,281 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.h.i.c.PoolingHttpClientConnectionManager.leaseConnection(PoolingHttpClientConnectionManager.java:312) Connection leased: [id: 1][route: {tls}->https://localhost:8080->https://example.com:443][total available: 0; route allocated: 1 of 20; total allocated: 1 of 200]
2024-07-01T18:55:05,281 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.h.i.e.MainClientExec.execute(MainClientExec.java:234) Opening connection {tls}->https://localhost:8080->https://example.com:443
2024-07-01T18:55:05,282 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.h.i.c.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:139) Connecting to localhost/127.0.0.1:8080
2024-07-01T18:55:05,282 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.h.c.s.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:366) Connecting socket to localhost/127.0.0.1:8080 with timeout 0
2024-07-01T18:55:05,283 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.h.c.s.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:430) Enabled protocols: [TLSv1.3, TLSv1.2]
2024-07-01T18:55:05,283 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.h.c.s.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:431) Enabled cipher suites:[TLS_AES_256_GCM_SHA384, TLS_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
2024-07-01T18:55:05,283 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.h.c.s.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:435) Starting handshake
2024-07-01T18:55:05,406 my-app DEBUG [Thread-5 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl$6@42d7b96)] o.a.a.a.c.s.i.QueueImpl.deliver(QueueImpl.java:2958) Queue login/success doing deliver. messageReferences=0 with consumers=1
...
<unrelated lines omitted>
...
2024-07-01T18:26:55,368 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.h.i.c.PoolingHttpClientConnectionManager.releaseConnection(PoolingHttpClientConnectionManager.java:351) Connection released: [id: 1][route: {tls}->https://localhost:8080->https://example.com:443][total available: 0; route allocated: 0 of 20; total allocated: 0 of 200]
2024-07-01T18:26:55,368 my-app DEBUG [Camel (MyCamel) thread #15 - timer://foo] o.a.c.p.Pipeline.continueProcessing(PipelineHelper.java:66) Message exchange has failed: so breaking out of pipeline for exchange: Exchange[] Exception: javax.net.ssl.SSLException: Unsupported or unrecognized SSL message
This is what my route looks like:
```java
import org.apache.camel.builder.RouteBuilder;
import org.springframework.stereotype.Component;

@Component
public class MyRoute extends RouteBuilder {
    @Override
    public void configure() throws Exception {
        // Proxy settings passed as CamelContext global options
        getCamelContext().getGlobalOptions().put("http.proxyHost", "localhost");
        getCamelContext().getGlobalOptions().put("http.proxyPort", "8080");

        // Log any exception and mark it as handled
        onException(Exception.class)
            .handled(true)
            .log("Exception occurred : ${exception.message}")
            .end();

        // Every 60 seconds, GET https://example.com and log the body
        from("timer://foo?fixedRate=true&period=60000")
            .startupOrder(1)
            .to("https://example.com")
            .convertBodyTo(String.class)
            .log("Response : ${body}");
    }
}
```
I don’t understand why Camel does not work while the request method above worked. The previous code working should demonstrate that the host, port and cert all work, so it should not be a configuration problem.
For your information, it’s a Spring Boot 2.7.18 application using Camel 3.14.9 running on Java 8. I cannot upgrade this currently due to technical debt, so I am currently interested in solutions that I can use with what I have. In the Burp Suite settings, under TLS negotiation, I have selected “Use all supported protocols and ciphers of your Java installation”.
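The debug log above shows the route `{tls}->https://localhost:8080->https://example.com:443`, meaning the hop to the proxy itself is opened as TLS, while the working `HttpURLConnection` example talks to the same port as a plain `Proxy.Type.HTTP` proxy. The following is an added example, not part of the original post: it uses only the JDK, and a constructed in-process listener (hypothetical class and method names) stands in for a proxy port that speaks cleartext HTTP, to contrast starting TLS directly on that port with sending a cleartext `CONNECT` first.

```java
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class ProxyHopSchemeDemo {
    // Constructed stand-in for a proxy port that speaks cleartext HTTP:
    // it answers whatever arrives first with a plain HTTP status line.
    static ServerSocket startCleartextListener() throws IOException {
        final ServerSocket server = new ServerSocket(0, 50, InetAddress.getLoopbackAddress());
        Thread t = new Thread(() -> {
            while (!server.isClosed()) {
                try (Socket s = server.accept()) {
                    s.getInputStream().read(new byte[8192]); // first client bytes
                    s.getOutputStream().write("HTTP/1.1 200 Connection established\r\n\r\n"
                            .getBytes(StandardCharsets.US_ASCII));
                } catch (IOException ignored) { /* listener closed or client gone */ }
            }
        });
        t.setDaemon(true);
        t.start();
        return server;
    }
    // Proxy hop treated as "https": TLS starts immediately on the proxy port.
    static String tlsOnProxyPort(int port) {
        try (SSLSocket s = (SSLSocket) SSLSocketFactory.getDefault()
                .createSocket(InetAddress.getLoopbackAddress(), port)) {
            s.startHandshake();
            return "handshake ok";
        } catch (IOException e) {
            return e.getClass().getName() + ": " + e.getMessage();
        }
    }
    // Proxy hop treated as "http": cleartext CONNECT first, TLS to the origin afterwards.
    static String cleartextConnect(int port) throws IOException {
        try (Socket s = new Socket(InetAddress.getLoopbackAddress(), port)) {
            s.getOutputStream().write("CONNECT example.com:443 HTTP/1.1\r\nHost: example.com:443\r\n\r\n"
                    .getBytes(StandardCharsets.US_ASCII));
            return new BufferedReader(new InputStreamReader(s.getInputStream(), StandardCharsets.US_ASCII)).readLine();
        }
    }
    public static void main(String[] args) throws IOException {
        try (ServerSocket proxy = startCleartextListener()) {
            System.out.println("TLS on proxy port : " + tlsOnProxyPort(proxy.getLocalPort()));
            System.out.println("Cleartext CONNECT : " + cleartextConnect(proxy.getLocalPort()));
        }
    }
}
```

In camel-http the scheme of the proxy hop can be set explicitly with the `http.proxyScheme` global option, alongside `http.proxyHost` and `http.proxyPort`. When it is not set, the hop follows the endpoint's scheme, which matches the `https://localhost:8080` hop in the log.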