jclouds-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ignasi Barrera <notificati...@github.com>
Subject Re: [jclouds-labs] Upgrade to docker 1.7 (#188)
Date Tue, 21 Jul 2015 09:28:48 GMT
> +         client.setConnectTimeout(utils.getConnectionTimeout(), TimeUnit.MILLISECONDS);
> +         client.setReadTimeout(utils.getSocketOpenTimeout(), TimeUnit.MILLISECONDS);
> +         client.setFollowRedirects(false);
> +         ConnectionSpec tlsSpec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
> +                 .tlsVersions(TlsVersion.TLS_1_0, TlsVersion.TLS_1_1, TlsVersion.TLS_1_2)
> +                 .build();
> +         ConnectionSpec cleartextSpec = new ConnectionSpec.Builder(ConnectionSpec.CLEARTEXT)
> +                 .build();
> +         client.setConnectionSpecs(ImmutableList.of(tlsSpec, cleartextSpec));
> +         client.setSslSocketFactory(sslContextWithKeysSupplier.get().getSocketFactory());
> +
> +         if (utils.relaxHostname()) {
> +            client.setHostnameVerifier(hostnameVerifier);
> +         }
> +         return client;
> +      }

Agree. The trustallcerts thing is something like "Oh, ok, I don't want to deal (and I don't
care) with SSL at all but I have an SSL endpoint", so I'd say the Docker certs should also
be ignored. If that is the case, the default implementation of the untrusted supplier should
already work and no changes would be required.

---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs/pull/188/files#r35084671
Mime
View raw message