> +jclouds only changes the SSL connection settings (rather than inheriting > them from the JVM) in two cases: > + > +1) If you are setting `jclouds.trust-all-certs=true`, i.e. are configuring > jclouds to trust **all** certificates > + > +If you are concerned about secure connections, it is almost never a good > idea to use this option in the first place. If you absolutely need to trust > all certificates _and_ disable SSLv3, you can: > + > + * create an SSLContext with the appropriate settings (see > [SSLModule](https://github.com/jclouds/jclouds/blob/master/core/src/main/java/org/jclouds/http/config/SSLModule.java) > for an example of how to create a trust manager that trusts all certs) > + * set it as the default socket factory for HttpsURLConnection as described > above > + * set jclouds.trust-all-certs to false, to prevent jclouds from using its > own SSLContext > + > +2) If you are using the [Azure > Compute](https://github.com/jclouds/jclouds-labs/tree/master/azurecompute) or > [FCGP](https://github.com/jclouds/jclouds-labs/tree/master/fgcp) labs > providers > + > +jclouds sets a specific SSL configuration for these providers to support the > key-based authentication they require. If you are using either of these > providers and need to disable SSLv3, follow the same steps as above > + > +* create an SSLContext with the appropriate settings (see > [here](https://github.com/jclouds/jclouds-labs/blob/master/azurecompute/src/main/java/org/jclouds/azurecompute/suppliers/SSLContextWithKeysSupplier.java) > for Azure Compute and > [here](https://github.com/jclouds/jclouds-labs/blob/master/fgcp/src/main/java/org/jclouds/fujitsu/fgcp/suppliers/SSLContextWithKeysSupplier.java) > for FCGP) > + * set it as the default socket factory for HttpsURLConnection as described > above
This is the bit I'm least happy with. Can we e.g. try to verify that you don't need to do anything if you're using these two providers: Azure Compute because it probably wasn't working anyway, and FGCP because e.g. SSLv3 is no longer supported on the server-side? /cc @adriancole @dkoper --- Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-site/pull/138/files#r19261916
