> + client.setConnectTimeout(utils.getConnectionTimeout(),
> TimeUnit.MILLISECONDS);
> + client.setReadTimeout(utils.getSocketOpenTimeout(),
> TimeUnit.MILLISECONDS);
> + client.setFollowRedirects(false);
> + ConnectionSpec tlsSpec = new
> ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
> + .tlsVersions(TlsVersion.TLS_1_0, TlsVersion.TLS_1_1,
> TlsVersion.TLS_1_2)
> + .build();
> + ConnectionSpec cleartextSpec = new
> ConnectionSpec.Builder(ConnectionSpec.CLEARTEXT)
> + .build();
> + client.setConnectionSpecs(ImmutableList.of(tlsSpec, cleartextSpec));
> +
> client.setSslSocketFactory(sslContextWithKeysSupplier.get().getSocketFactory());
> +
> + if (utils.relaxHostname()) {
> + client.setHostnameVerifier(hostnameVerifier);
> + }
> + return client;
> + }
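Review bot: The `.tlsVersions(TlsVersion.TLS_1_0, TlsVersion.TLS_1_1, TlsVersion.TLS_1_2)` call on `tlsSpec` explicitly keeps TLS 1.0 and 1.1 enabled, and `cleartextSpec` is passed to `setConnectionSpecs` alongside it, so the same client accepts both legacy TLS and plain-HTTP connections. If that is needed for compatibility, a comment on `tlsSpec` saying so would help. Otherwise consider limiting the spec to `TlsVersion.TLS_1_2` and adding `cleartextSpec` only when the configured endpoint is actually http. Separately, the `if (utils.relaxHostname())` branch replaces the hostname verifier while the socket factory still comes from `sslContextWithKeysSupplier`. The hunk does not show how this interacts with the trust-all-certs setting discussed in this thread, so a short Javadoc on the method stating which combinations are supported would make the intended behaviour reviewable.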
Agree. The trustallcerts thing is something like "Oh, ok, I don't want to deal
(and I don't care) with SSL at all but I have an SSL endpoint", so I'd say the
Docker certs should also be ignored. If that is the case, the default
implementation of the untrusted supplier should already work and no changes
would be required.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs/pull/188/files#r35084671