Hi Ignasi,
I am using - 1.8.0_51 I already put these properties(enabled PROPERTY_TRUST_ALL_CERTS to true) and working. Regards Pratheesh From: Ignasi Barrera [mailto:[email protected]] Sent: Tuesday, April 17, 2018 12:11 PM To: [email protected] Subject: Re: Upgrading to TLSv1.2 in Jcloud... I'd say the config is OK (without having seen the implementation of your TLSOkHttpClientSupplier). The error you get is a common error when the certificate is not trusted. Could that be possible? Which concrete version of Java 8 are you using? Just to discard a certificate trust issue, could you try setting the following properties? Properties overrides = new Properties(); overrides.put(Constants.PROPERTY_TRUST_ALL_CERTS, "true"); overrides.put(Constants.PROPERTY_RELAX_HOSTNAME, "true"); Then pass these override properties to the ContextBuilder. I. On 16 April 2018 at 13:11, Pratheesh <[email protected]> wrote: I will try.. I am using JDK 8 Regards Pratheesh From: Andrea Turli (apache.org) [mailto:[email protected]] Sent: Friday, April 13, 2018 9:03 PM To: [email protected] Subject: Re: Upgrading to TLSv1.2 in Jcloud... I think you may want to extend SoftLayerHttpApiModule to configure `OkHttpClientSupplier` similarly to [1] which uses [2] and inject it in your BlobStoreContext [1]: https://github.com/jclouds/jclouds/blob/master/apis/docker/src/main/java/org/jclouds/docker/config/DockerHttpApiModule.java#L44 [2]: https://github.com/jclouds/jclouds/blob/master/apis/docker/src/main/java/org/jclouds/docker/config/DockerOkHttpClientSupplier.java I couldn't test the solution but I'd start from there Please let us know, as eventually we may need to improve softlayer to support natively TLSv1.2 BTW, which java version are you using? Andrea On Fri, Apr 13, 2018 at 4:03 PM Pratheesh <[email protected]> wrote: Hi Andrea, Please let me know any location or sample URL that I can see a sample. However I already tried with following sample code.. System.setProperty("https.protocols", "TLSv1.2"); System.setProperty("jdk.tls.client.protocols", "TLSv1,TLSv1.1,TLSv1.2"); Module tlsModule = new AbstractModule() { @Override protected void configure() { bind(OkHttpClientSupplier.class).to(TLSOkHttpClientSupplier.class); } }; Iterable<Module> modules1 = ImmutableSet.of(tlsModule, new OkHttpCommandExecutorServiceModule()); BlobStoreContext context = ContextBuilder.newBuilder("swift") .modules(modules1) .endpoint("https://tok02.objectstorage.softlayer.net/auth/";) .credentials("userId", "pwd") .buildView(BlobStoreContext.class); This gives me following error: Exception in thread "main" org.jclouds.http.HttpResponseException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target connecting to GET https://tok02.objectstorage.softlayer.net/auth/v1.0 HTTP/1.1 at org.jclouds.http.internal.BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService.java:117) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:491) at com.google.inject.internal.DelegatingInvocationHandler.invoke(DelegatingInvocationHandler.java:37) at com.sun.proxy.$Proxy47.invoke(Unknown Source) …. …. Exception in thread "main" org.jclouds.http.HttpResponseException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target connecting to GET https://tok02.objectstorage.softlayer.net/auth/v1.0 HTTP/1.1 at org.jclouds.http.internal.BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService.java:117) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:491) at com.google.inject.internal.DelegatingInvocationHandler.invoke(DelegatingInvocationHandler.java:37) at com.sun.proxy.$Proxy47.invoke(Unknown Source) … Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:144) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:130) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382) From: Andrea Turli [mailto:[email protected]] Sent: Friday, April 13, 2018 6:27 PM To: [email protected] Subject: Re: Upgrading to TLSv1.2 in Jcloud... Hi, Pretty sure that jclouds can support your scenario by injecting OkHttpClientDriver in the context. See Docker provider for an example HTH, Andrea Il ven 13 apr 2018, 14:41 Pratheesh <[email protected]> ha scritto: We are using JClouds 1.9.1 to upload files to Softlayer. Recently softlayer upgraded to TLSv1.2. So our existing code is failing. What we have to change in Jclouds to support TLSv1.2, so that it can upload files to Softlayer. Regards Pratheesh
