jclouds: how to supply own KeyStore when creating BlobStoreContext
-
07-03-2021 - |
Question
I have a private blob store (swift) with a self-signed certificate.
I want to use this store with jclouds. Now, the following works:
Properties overrides = new Properties();
overrides.setProperty(Constants.PROPERTY_ENDPOINT, "https://example.com:8080/auth");
overrides.setProperty(Constants.PROPERTY_TRUST_ALL_CERTS, "true");
overrides.setProperty(Constants.PROPERTY_RELAX_HOSTNAME, "true");
BlobStoreContext context = new BlobStoreContextFactory().createContext("swift",
userCredentials.getIdent(), userCredentials.getSecret(),
ImmutableSet.<Module> of(), overrides);
However, since I have the certificate, is there a way to make this more secure and tell jclouds to use that particular certificate rather than trust any?
I do know how to get the certificate loaded into a Certificate
object and I also know how to create a KeyStore
object with the certificate.
My question is: How do I get jclouds to use my Certificate
or KeyStore
for certificate validation?
Solution
Right now, jclouds doesn't provide this hook, so you'd have to modify the JRE keystore. feel free to add a feature request for this here: http://code.google.com/p/jclouds/issues/entry
OTHER TIPS
As Adrian pointed out to me on jclouds-user maillist, it is possible now, by adding a module like this:
.modules(ImmutableSet.of(new AbstractModule(){
@Override public void configure() {
bind(new TypeLiteral<Supplier<SSLContext>>(){}).toInstance(new
Supplier<SSLContext>() {
@Override public SSLContext get() {
return whatYouManage; // note this is called per-request so
//can be expensive.
}
}
}
}))