New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

support docker 1.3.0 TLS secured mode #77

Closed
ndeloof opened this Issue Oct 18, 2014 · 7 comments

Comments

Projects
None yet
6 participants
@ndeloof
Contributor

ndeloof commented Oct 18, 2014

Need to configure Jersey to use https, with client certificate authentication and (optionally?) no server certificate check.

@gesellix

This comment has been minimized.

Show comment
Hide comment
@gesellix

gesellix Oct 19, 2014

Contributor

would this be fixed by #78 ?

Contributor

gesellix commented Oct 19, 2014

would this be fixed by #78 ?

@ndeloof

This comment has been minimized.

Show comment
Hide comment
@ndeloof

ndeloof Oct 19, 2014

Contributor

more or less. #78 assumes user has setup a java keystore with Docker client certificate. Would be nice docker-java just pick-up the one from $DOCKER_CERT_PATH

Contributor

ndeloof commented Oct 19, 2014

more or less. #78 assumes user has setup a java keystore with Docker client certificate. Would be nice docker-java just pick-up the one from $DOCKER_CERT_PATH

@rhuss

This comment has been minimized.

Show comment
Hide comment
@rhuss

rhuss Oct 20, 2014

For a blueprint please have a look at wouterd/docker-maven-plugin from @wouterd or rhuss/docker-maven-plugin which both already have support for SSL access to a docker host.

rhuss commented Oct 20, 2014

For a blueprint please have a look at wouterd/docker-maven-plugin from @wouterd or rhuss/docker-maven-plugin which both already have support for SSL access to a docker host.

@wouterd

This comment has been minimized.

Show comment
Hide comment
@wouterd

wouterd Oct 20, 2014

I ended up using bouncycastle to read the PEM files, after that it's just tedious logistics because crypto in java is a pain to do. :-)

wouterd commented Oct 20, 2014

I ended up using bouncycastle to read the PEM files, after that it's just tedious logistics because crypto in java is a pain to do. :-)

@rhuss

This comment has been minimized.

Show comment
Hide comment
@rhuss

rhuss Oct 20, 2014

I tried it to read it directly, however the Docker key.pem is not in PKCS8 format and hence I was not able to read it in like the certs with java.security classes.

So I ended up to use PEMReader from bouncycastle as well (but only for this very reason, everything else can be done 'natively')

rhuss commented Oct 20, 2014

I tried it to read it directly, however the Docker key.pem is not in PKCS8 format and hence I was not able to read it in like the certs with java.security classes.

So I ended up to use PEMReader from bouncycastle as well (but only for this very reason, everything else can be done 'natively')

@marcuslinke

This comment has been minimized.

Show comment
Hide comment
@marcuslinke

marcuslinke Oct 26, 2014

Contributor

merged #78 Please test!

Contributor

marcuslinke commented Oct 26, 2014

merged #78 Please test!

@asssaf

This comment has been minimized.

Show comment
Hide comment
@asssaf

asssaf Jan 28, 2015

Is it possible to use TLS without verifying the server certificate?
Like using the docker client with --tls instead of --tlsverify?

asssaf commented Jan 28, 2015

Is it possible to use TLS without verifying the server certificate?
Like using the docker client with --tls instead of --tlsverify?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment