Beispiel #1
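    /**
     * Builds the connector used for requests: a {@link DefaultHttpConnector} wrapped in an
     * {@link AuthenticatingHttpConnector} that is handed the configured user, an optional
     * ssh-agent proxy and an optional client certificate.
     *
     * <p>Side effect: when no client certificate path has been set on this instance and the
     * environment variable named by {@code HELIOS_CERT_PATH} points at a directory holding a
     * readable {@code cert.pem} and {@code key.pem}, the {@code clientCertificatePath} field is
     * assigned from that directory.
     *
     * <p>Both credential sources are optional. A missing agent or an unreadable certificate does
     * not fail this method; the connector is still returned and simply carries fewer credentials.
     *
     * @param sslHostnameVerification passed unchanged to {@link DefaultHttpConnector}; presumably
     *     {@code false} turns off TLS hostname checking, so callers should only pass
     *     {@code false} deliberately (confirm against DefaultHttpConnector)
     * @return the authenticating connector wrapping the default connector
     */
    private HttpConnector createHttpConnector(final boolean sslHostnameVerification) {

      final EndpointIterator endpointIterator = EndpointIterator.of(endpointSupplier.get());

      // NOTE(review): 10000 looks like a timeout in milliseconds; confirm against the
      // DefaultHttpConnector constructor.
      final DefaultHttpConnector connector =
          new DefaultHttpConnector(endpointIterator, 10000, sslHostnameVerification);

      Optional<AgentProxy> agentProxyOpt = Optional.absent();
      try {
        agentProxyOpt = Optional.of(AgentProxies.newInstance());
      } catch (RuntimeException e) {
        // The user likely doesn't have ssh-agent set up. This may not matter at all if the masters
        // do not require authentication, so we delay reporting any sort of error to the user until
        // the servers return 401 Unauthorized.
        // Log a real message and pass the exception as the throwable argument, so the cause and
        // its stack trace are available when diagnosing a later authentication failure.
        log.debug("Unable to create ssh-agent proxy; continuing without agent authentication", e);
      }

      // Set up the ClientCertificatePath, giving precedence to any value set
      // with setClientCertificatePath().
      if (clientCertificatePath == null) {
        final String heliosCertPath = System.getenv(HELIOS_CERT_PATH);
        if (!isNullOrEmpty(heliosCertPath)) {
          final Path certPath = Paths.get(heliosCertPath, "cert.pem");
          final Path keyPath = Paths.get(heliosCertPath, "key.pem");

          // Readability is the only check made here: the permissions on key.pem are not inspected
          // and the files are not opened, so the result reflects this moment only.
          if (certPath.toFile().canRead() && keyPath.toFile().canRead()) {
            this.clientCertificatePath = new ClientCertificatePath(certPath, keyPath);
          } else {
            // Falls through without a client certificate; the warning is the only signal that
            // requests will go out without one.
            log.warn(
                "{} is set to {}, but {} and/or {} do not exist or cannot be read. "
                    + "Will not send client certificate in HeliosClient requests.",
                HELIOS_CERT_PATH,
                heliosCertPath,
                certPath,
                keyPath);
          }
        }
      }

      return new AuthenticatingHttpConnector(
          user,
          agentProxyOpt,
          Optional.fromNullable(clientCertificatePath),
          endpointIterator,
          connector);
    }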