Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SslSocketFactory on httpClient #1040

Closed
jimarek opened this issue Sep 5, 2023 · 4 comments
Closed

SslSocketFactory on httpClient #1040

jimarek opened this issue Sep 5, 2023 · 4 comments
Labels
guidance Question that needs advice or information.

Comments

@jimarek
Copy link

jimarek commented Sep 5, 2023

Describe the issue

Hi I am trying to somehow set sslcontext with my own JavaKeyStore to s3 client. Sofar I haven't found a direct way apart from creating my own implementation of HttpClientEngine

Steps to Reproduce

 S3Client {
   httpClient {
     //missing config options?
   }

Current behavior

--

AWS Kotlin SDK version used

0.32.0-beta

Platform (JVM/JS/Native)

JVM

Operating System and version

macOS Ventura 13.5

@jimarek jimarek added guidance Question that needs advice or information. needs-triage This issue or PR still needs to be triaged. labels Sep 5, 2023
@ianbotsf
Copy link
Contributor

ianbotsf commented Sep 5, 2023

Thanks for submitting an issue @jimarek. You are correct, there is currently no way to configure a Java KeyStore directly in the bundled HTTP engines. We have backlog item smithy-lang/smithy-kotlin#820 to add more TLS configuration options. It doesn't explicitly mention Java KeyStores but that's included in the scope.

Writing your own HttpClientEngine wrapper is a way forward for now. Additionally, the default OkHttp client engine should also use the KeyStore configured for the JVM so perhaps setting the JVM system properties javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword may work for your use case.

Generally setting a KeyStore is not necessary for a client to communicate with AWS services. May I ask what you're trying to do?

@ianbotsf ianbotsf removed the needs-triage This issue or PR still needs to be triaged. label Sep 5, 2023
@jimarek
Copy link
Author

jimarek commented Sep 6, 2023

We are limiting cert root authorities as per company policy.

@ianbotsf
Copy link
Contributor

ianbotsf commented Apr 3, 2024

Resolving this issue as we have a backlog item (smithy-lang/smithy-kotlin#820) to implement the requested functionality.

@ianbotsf ianbotsf closed this as completed Apr 3, 2024
Copy link

github-actions bot commented Apr 3, 2024

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
guidance Question that needs advice or information.
Projects
None yet
Development

No branches or pull requests

2 participants