Hi,
Thanks for this code Ignasi, but it seems the client configuration is not
used, because the client tries a direct connection without proxy :(
Here is my code :
public static class TLSOkHttpClientSupplier implements
OkHttpClientSupplier {
@Override public OkHttpClient get() {
OkHttpClient client = new OkHttpClient();
ConnectionSpec tlsSpec =
new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.tlsVersions(TlsVersion.TLS_1_1, TlsVersion.TLS_1_2)
.build();
ConnectionSpec cleartextSpec =
new ConnectionSpec.Builder(ConnectionSpec.CLEARTEXT).build();
client.setConnectionSpecs(ImmutableList.of(tlsSpec,
cleartextSpec));
client.setProxy(new Proxy(Proxy.Type.HTTP, new
InetSocketAddress("10.182.110.12", 8080)));
return client;
}
}
Module tlsModule = new AbstractModule() {
@Override protected void configure() {
bind(OkHttpClientSupplier.class).to(TLSOkHttpClientSupplier.class);
}
};
Iterable<Module> modules = ImmutableSet.<Module>of(new
SLF4JLoggingModule(),tlsModule, new OkHttpCommandExecutorServiceModule());
Properties overrides = new Properties();
overrides.setProperty(Constants.PROPERTY_LOGGER_WIRE_LOG_SENSITIVE_INFO,
true + "");
keystoneApi = ContextBuilder.newBuilder(provider)
.endpoint(endpoint)
.credentials(identity, password)
.modules(modules)
.overrides(overrides)
.buildApi(KeystoneApi.class);
Any idea of my mistake ?
Regards,
Stéphane
2016-03-05 1:28 GMT+01:00 Ignasi Barrera <[email protected]>:
> Hi!
>
> Andrew's link will provide you the context you need.
>
> I don't know if there is a proper way of configuring this using the
> default HTTP driver, but here is a specific example using the OkHttp
> one:
>
> First you will need to create an OkHttpClientSupplier that creates the
> http client with the desired connection configuration:
>
> public class TLSOkHttpClientSupplier implements OkHttpClientSupplier {
> @Override public OkHttpClient get() {
> OkHttpClient client = new OkHttpClient();
> ConnectionSpec tlsSpec =
> new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
> .tlsVersions(TlsVersion.TLS_1_1, TlsVersion.TLS_1_2)
> .build();
> ConnectionSpec cleartextSpec =
> new ConnectionSpec.Builder(ConnectionSpec.CLEARTEXT).build();
> client.setConnectionSpecs(ImmutableList.of(tlsSpec, cleartextSpec));
> return client;
> }
> }
>
> Once you have the class that will create the OkHttpClient you just
> have to inject it in the Guice context and configure the OkHttp driver
> to be used to manage the HTTP connections. Both things are achieved by
> providing additional modules when creating the context:
>
> // Create a Guice module that will bind your supplier implementation
> // to the injection context
> Module tlsModule = new AbstractModule() {
> @Override protected void configure() {
> bind(OkHttpClientSupplier.class).to(TLSOkHttpClientSupplier.class);
> }
> };
>
> // Create the context loading the OkHttpDriver and your custom module
> ContextBuilder.newBuilder("provider")
> .modules(ImmutableSet.of(tlsModule,
> new OkHttpCommandExecutorServiceModule()))
> .build()
>
> Note than in order to use the OkHttp driver you'll have to add the
> "org.apache.jclouds.driver/jclouds-okhttp" dependency to your pom.xml.
>
>
> HTH!
>
> I.
>
> On 4 March 2016 at 22:23, Andrew Phillips <[email protected]> wrote:
> > Hi Stéphane
> >
> >> Any idea of code to configure my http client with TLSv1.1 or TLSv1.2
> >> instead of TLSv1.0, please ?
> >
> >
> > The following blog post doesn't provide a step-by-step solution, but
> should
> > hopefully help:
> >
> > https://jclouds.apache.org/blog/2014/10/25/poodle-and-jclouds/
> >
> > Regards
> >
> > ap
>
