I'd say the config is OK (without having seen the implementation of your
TLSOkHttpClientSupplier).

The error you get is a common error when the certificate is not trusted.
Could that be possible? Which concrete version of Java 8 are you using?

Just to discard a certificate trust issue, could you try setting the
following properties?

Properties overrides = new Properties();
overrides.put(Constants.PROPERTY_TRUST_ALL_CERTS, "true");
overrides.put(Constants.PROPERTY_RELAX_HOSTNAME, "true");

Then pass these override properties to the ContextBuilder.


I.

On 16 April 2018 at 13:11, Pratheesh <pratheesh...@teknowmics.com> wrote:

> I will try..
>
> I am using JDK 8
>
>
>
> Regards
>
> Pratheesh
>
>
>
> *From:* Andrea Turli (apache.org) [mailto:andreatu...@apache.org]
> *Sent:* Friday, April 13, 2018 9:03 PM
>
> *To:* user@jclouds.apache.org
> *Subject:* Re: Upgrading to TLSv1.2 in Jcloud...
>
>
>
> I think you may want to extend SoftLayerHttpApiModule to configure `
> OkHttpClientSupplier` similarly to [1] which uses [2] and inject it in
> your BlobStoreContext
>
> [1]: https://github.com/jclouds/jclouds/blob/master/
> apis/docker/src/main/java/org/jclouds/docker/config/
> DockerHttpApiModule.java#L44
>
> [2]: https://github.com/jclouds/jclouds/blob/master/
> apis/docker/src/main/java/org/jclouds/docker/config/
> DockerOkHttpClientSupplier.java
>
> I couldn't test the solution but I'd start from there
>
>
>
> Please let us know, as eventually we may need to improve softlayer to
> support natively TLSv1.2
>
>
>
> BTW, which java version are you using?
>
>
>
> Andrea
>
>
>
> On Fri, Apr 13, 2018 at 4:03 PM Pratheesh <pratheesh...@teknowmics.com>
> wrote:
>
> Hi Andrea,
>
>
>
> Please let me know any location or sample URL  that I can see a sample.
>
>
>
> However I already tried with following sample code..
>
>
>
>         System.setProperty("https.protocols", "TLSv1.2");
>
>         System.setProperty("jdk.tls.client.protocols",
> "TLSv1,TLSv1.1,TLSv1.2");
>
>         Module tlsModule = new AbstractModule() {
>
>             @Override
>
>             protected void configure() {
>
>                 bind(OkHttpClientSupplier.class).to(
> TLSOkHttpClientSupplier.class);
>
>             }
>
>         };
>
>         Iterable<Module> modules1 = ImmutableSet.of(tlsModule, new
> OkHttpCommandExecutorServiceModule());
>
>         BlobStoreContext context = ContextBuilder.newBuilder("swift")
>
>                 .modules(modules1)
>
>                 .endpoint("https://tok02.objectstorage.softlayer.net/auth/
> ")
>
>                 .credentials("userId", "pwd")
>
>                 .buildView(BlobStoreContext.class);
>
>
>
>
>
> This gives me following error:
>
>
>
> Exception in thread "main" org.jclouds.http.HttpResponseException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target connecting to GET
> https://tok02.objectstorage.softlayer.net/auth/v1.0 HTTP/1.1
>
>                 at org.jclouds.http.internal.
> BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService
> .java:117)
>
>                 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
>
>                 at sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:57)
>
>                 at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
>
>                 at java.lang.reflect.Method.invoke(Method.java:491)
>
>                 at com.google.inject.internal.DelegatingInvocationHandler.
> invoke(DelegatingInvocationHandler.java:37)
>
>                 at com.sun.proxy.$Proxy47.invoke(Unknown Source)
>
> ….
>
> ….
>
> Exception in thread "main" org.jclouds.http.HttpResponseException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target connecting to GET
> https://tok02.objectstorage.softlayer.net/auth/v1.0 HTTP/1.1
>
>                 at org.jclouds.http.internal.
> BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService
> .java:117)
>
>                 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
>
>                 at sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:57)
>
>                 at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
>
>                 at java.lang.reflect.Method.invoke(Method.java:491)
>
>                 at com.google.inject.internal.DelegatingInvocationHandler.
> invoke(DelegatingInvocationHandler.java:37)
>
>                 at com.sun.proxy.$Proxy47.invoke(Unknown Source)
>
> …
>
>
>
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target
>
>                 at sun.security.provider.certpath.SunCertPathBuilder.
> build(SunCertPathBuilder.java:144)
>
>                 at sun.security.provider.certpath.SunCertPathBuilder.
> engineBuild(SunCertPathBuilder.java:130)
>
>                 at java.security.cert.CertPathBuilder.build(
> CertPathBuilder.java:280)
>
>                 at sun.security.validator.PKIXValidator.doBuild(
> PKIXValidator.java:382)
>
>
>
> *From:* Andrea Turli [mailto:andrea.tu...@gmail.com]
> *Sent:* Friday, April 13, 2018 6:27 PM
> *To:* user@jclouds.apache.org
> *Subject:* Re: Upgrading to TLSv1.2 in Jcloud...
>
>
>
> Hi,
>
>
>
> Pretty sure that jclouds can support your scenario by injecting
> OkHttpClientDriver in the context.
>
> See Docker provider for an example
>
>
>
> HTH,
>
> Andrea
>
>
>
> Il ven 13 apr 2018, 14:41 Pratheesh <pratheesh...@teknowmics.com> ha
> scritto:
>
> We are using JClouds 1.9.1  to upload files to Softlayer. Recently
> softlayer upgraded to TLSv1.2. So our existing code is failing.
>
>
>
> What  we have to change in Jclouds to support TLSv1.2, so that it can
> upload files to Softlayer.
>
>
>
> Regards
>
> Pratheesh
>
>

Reply via email to