You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jclouds.apache.org by Dileep Dixith <di...@in.ibm.com> on 2016/10/22 06:29:46 UTC
ApacheHC need yo support TLS1.2
Hi,
Currently SSLContext in ApacheHCHttpCommandExecutorServiceModule supports
only TLS1.0 Protocol.
https://github.com/jclouds/jclouds/blob/master/drivers/apachehc/src/main/java/org/jclouds/http/apachehc/config/ApacheHCHttpCommandExecutorServiceModule.java
Due to Various security vulnerabilities, Many Servers supports/enables
only TLS1.2 Protocols.
ApacheHCHttpCommandExecutorServiceModule Needs change to support TLS1.2
Protocols only.
Let me know when this changes will be ready.
Regards,
Dileep Dixith
Bangalore, 560071
Security Developer, Big Storage and MCStore
India
IBM Systems & Technology Lab
+91-80-41776741
Mobile:
+91-95-91345900
e-mail:
didixith@in.ibm.com
Re: ApacheHC need to support TLS1.2
Posted by Dileep Dixith <di...@in.ibm.com>.
Hi Andrew,
After our investigation with many drivers, we choose ApacheHTTP driver for
various reasons over JavaURLHTTP and OKHttpDriver.
So, we wanted ApacheHTTP driver should support TLS1.2.
I have informed Ignasi about my interest to contribute with this change
for ApacheHTTP driver.
Regards,
Dileep Dixith
Bangalore, 560071
Security Developer, Big Storage and MCStore
India
IBM Systems & Technology Lab
+91-80-41776741
Mobile:
+91-95-91345900
e-mail:
didixith@in.ibm.com
From: Andrew Phillips <ap...@qrmedia.com>
To: user@jclouds.apache.org
Cc: Dileep Dixith/India/IBM@IBMIN
Date: 10/22/2016 08:19 PM
Subject: Re: ApacheHC need yo support TLS1.2
Hi Dileep
> Due to Various security vulnerabilities, Many Servers supports/enables
> only TLS1.2 Protocols.
>
> ApacheHCHttpCommandExecutorServiceModule Needs change to support
> TLS1.2 Protocols only.
Have you considered using the OkHttp driver [1] instead? As far as I
recall, that should allow you to support TLS 1.2 only.
Regards
ap
[1] https://github.com/apache/jclouds/tree/master/drivers/okhttp
Re: ApacheHC need yo support TLS1.2
Posted by Andrew Phillips <ap...@qrmedia.com>.
Hi Dileep
> Due to Various security vulnerabilities, Many Servers supports/enables
> only TLS1.2 Protocols.
>
> ApacheHCHttpCommandExecutorServiceModule Needs change to support
> TLS1.2 Protocols only.
Have you considered using the OkHttp driver [1] instead? As far as I
recall, that should allow you to support TLS 1.2 only.
Regards
ap
[1] https://github.com/apache/jclouds/tree/master/drivers/okhttp
Re: ApacheHC need yo support TLS1.2
Posted by Dileep Dixith <di...@in.ibm.com>.
Opened Issue in JIRA.
https://issues.apache.org/jira/browse/JCLOUDS-1188
Regards,
Dileep Dixith
Bangalore, 560071
Security Developer, Big Storage and MCStore
India
IBM Systems & Technology Lab
+91-80-41776741
Mobile:
+91-95-91345900
e-mail:
didixith@in.ibm.com
From: Ignasi Barrera <na...@apache.org>
To: user@jclouds.apache.org
Cc: dev@jclouds.apache.org
Date: 10/22/2016 12:18 PM
Subject: Re: ApacheHC need yo support TLS1.2
Hi Dileep,
Mind opening an issue in our JIRA? That is the best way to keep track of
this.
I can't tell when the patch will be available, but the best way to make
sure it happens soon is contributing and opening a pull request :) If you
are up to do it, I will be happy to help and provide guidace.
I.
On Oct 22, 2016 08:30, "Dileep Dixith" <di...@in.ibm.com> wrote:
Hi,
Currently SSLContext in ApacheHCHttpCommandExecutorServiceModulesupports
only TLS1.0 Protocol.
https://github.com/jclouds/jclouds/blob/master/drivers/apachehc/src/main/java/org/jclouds/http/apachehc/config/ApacheHCHttpCommandExecutorServiceModule.java
Due to Various security vulnerabilities, Many Servers supports/enables
only TLS1.2 Protocols.
ApacheHCHttpCommandExecutorServiceModule Needs change to support TLS1.2
Protocols only.
Let me know when this changes will be ready.
Regards,
Dileep Dixith
Bangalore, 560071
Security Developer, Big Storage and MCStore
India
IBM Systems & Technology Lab
+91-80-41776741
Mobile:
+91-95-91345900
e-mail:
didixith@in.ibm.com
Re: ApacheHC need yo support TLS1.2
Posted by Dileep Dixith <di...@in.ibm.com>.
Opened Issue in JIRA.
https://issues.apache.org/jira/browse/JCLOUDS-1188
Regards,
Dileep Dixith
Bangalore, 560071
Security Developer, Big Storage and MCStore
India
IBM Systems & Technology Lab
+91-80-41776741
Mobile:
+91-95-91345900
e-mail:
didixith@in.ibm.com
From: Ignasi Barrera <na...@apache.org>
To: user@jclouds.apache.org
Cc: dev@jclouds.apache.org
Date: 10/22/2016 12:18 PM
Subject: Re: ApacheHC need yo support TLS1.2
Hi Dileep,
Mind opening an issue in our JIRA? That is the best way to keep track of
this.
I can't tell when the patch will be available, but the best way to make
sure it happens soon is contributing and opening a pull request :) If you
are up to do it, I will be happy to help and provide guidace.
I.
On Oct 22, 2016 08:30, "Dileep Dixith" <di...@in.ibm.com> wrote:
Hi,
Currently SSLContext in ApacheHCHttpCommandExecutorServiceModulesupports
only TLS1.0 Protocol.
https://github.com/jclouds/jclouds/blob/master/drivers/apachehc/src/main/java/org/jclouds/http/apachehc/config/ApacheHCHttpCommandExecutorServiceModule.java
Due to Various security vulnerabilities, Many Servers supports/enables
only TLS1.2 Protocols.
ApacheHCHttpCommandExecutorServiceModule Needs change to support TLS1.2
Protocols only.
Let me know when this changes will be ready.
Regards,
Dileep Dixith
Bangalore, 560071
Security Developer, Big Storage and MCStore
India
IBM Systems & Technology Lab
+91-80-41776741
Mobile:
+91-95-91345900
e-mail:
didixith@in.ibm.com
Re: ApacheHC need yo support TLS1.2
Posted by Ignasi Barrera <na...@apache.org>.
Hi Dileep,
Mind opening an issue in our JIRA? That is the best way to keep track of
this.
I can't tell when the patch will be available, but the best way to make
sure it happens soon is contributing and opening a pull request :) If you
are up to do it, I will be happy to help and provide guidace.
I.
On Oct 22, 2016 08:30, "Dileep Dixith" <di...@in.ibm.com> wrote:
> Hi,
>
> Currently SSLContext in *ApacheHCHttpCommandExecutorServiceModule*supports
> only TLS1.0 Protocol.
>
> https://github.com/jclouds/jclouds/blob/master/drivers/
> apachehc/src/main/java/org/jclouds/http/apachehc/config/
> ApacheHCHttpCommandExecutorServiceModule.java
>
> Due to Various security vulnerabilities, Many Servers supports/enables
> only TLS1.2 Protocols.
>
> *ApacheHCHttpCommandExecutorServiceModule* Needs change to support TLS1.2
> Protocols only.
>
> Let me know when this changes will be ready.
>
> Regards,
> ------------------------------
> *Dileep Dixith*
> Bangalore, 560071
> Security Developer, Big Storage and MCStore India
>
> IBM Systems & Technology Lab
> +91-80-41776741
> Mobile: +91-95-91345900
> e-mail: didixith@in.ibm.com
> ------------------------------
>
>
>
Re: ApacheHC need yo support TLS1.2
Posted by Ignasi Barrera <na...@apache.org>.
Hi Dileep,
Mind opening an issue in our JIRA? That is the best way to keep track of
this.
I can't tell when the patch will be available, but the best way to make
sure it happens soon is contributing and opening a pull request :) If you
are up to do it, I will be happy to help and provide guidace.
I.
On Oct 22, 2016 08:30, "Dileep Dixith" <di...@in.ibm.com> wrote:
> Hi,
>
> Currently SSLContext in *ApacheHCHttpCommandExecutorServiceModule*supports
> only TLS1.0 Protocol.
>
> https://github.com/jclouds/jclouds/blob/master/drivers/
> apachehc/src/main/java/org/jclouds/http/apachehc/config/
> ApacheHCHttpCommandExecutorServiceModule.java
>
> Due to Various security vulnerabilities, Many Servers supports/enables
> only TLS1.2 Protocols.
>
> *ApacheHCHttpCommandExecutorServiceModule* Needs change to support TLS1.2
> Protocols only.
>
> Let me know when this changes will be ready.
>
> Regards,
> ------------------------------
> *Dileep Dixith*
> Bangalore, 560071
> Security Developer, Big Storage and MCStore India
>
> IBM Systems & Technology Lab
> +91-80-41776741
> Mobile: +91-95-91345900
> e-mail: didixith@in.ibm.com
> ------------------------------
>
>
>