Reputation: 2059
I'm trying to connect to a mutually authenticated Docker daemon using aleph. The aleph docs show that you can pass in a netty SSL context for auth purposes. It seems like I'm creating the SslContext correctly, but all requests are closed
(require '[aleph.http :as http])
(import '[io.netty.handler.ssl SslContext])
(import '[io.netty.handler.ssl SslProvider])
(import '[io.netty.handler.ssl SslContextBuilder])
(def ctx
(doto (SslContextBuilder/forClient)
(.keyManager (java.io.File. "certs/cert.pem")
(java.io.File. "certs/client.pkcs8"))
(.trustManager (java.io.File. "certs/ca.pem"))
(.build)))
(let [pool (http/connection-pool {:connection-options {:ssl-context ctx}})]
@(http/get (str "http://" host ":" port "/info") {:pool pool}))
results in: "ExceptionInfo connection was closed clojure.core/ex-info (core.clj:4617)"
Has anyone found good way to connect using TLS? I have tried https://github.com/aphyr/less-awful-ssl but that doesn't quite work with netty. Help thnx!
Upvotes: 1
Views: 333
Reputation: 2059
found out I was creating the SslContext object wrong. Should be like:
(def ctx
(.build
(.keyManager
(.trustManager (SslContextBuilder/forClient) ca)
cert client-key)))
;; pass in ssl-context via pool
(let [pool (http/connection-pool {:connection-options {:ssl-context ctx}})]
(-> @(http/get (str "https://" host ":" port "/info") {:pool pool})
:body
bs/to-string))
Upvotes: 0