ilyak
Contributor
Contributor
‎12-03-2017 12:54 AM

Https back-end problems

Our plugin performing https requests to the back-end server.

According to the SDK samples, we can implement ThumbprintTrustManager/ThumbprintHostNameVerifier in order to be able to make requests to the https server with self signed certificate. But how can it work, if the web client has multiple plugins which have ThumbprintTrustManager? It seems that all plugins are running in the same VM, so calls like "HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());" will influence not only our plugin but other plugins, too.

Reply
0 Kudos
_vladi_
VMware Employee
VMware Employee
‎12-05-2017 04:57 AM

Hi,

Thank you for the report.

Plugins are running in the same VM but they are loaded by different class loaders. In the case when a class is being provided by the HTML Client you can:

 - switch to using non-static calls (as mentioned in the documentation https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/HttpsURLConnection.html) OR

 - embed your own version of the library in the Bundle-Classpath of your service jar bundle.

We should definitely look into a better sample that takes into account this perspective.

Cheers,

Vladi

Reply
0 Kudos
ilyak
Contributor
Contributor
‎12-06-2017 01:40 AM

Thank you for your reply. Very helpfull.

As far as I understand calling to 

VimPortType.findExtension can be done only via static calls (In case my vCenter has only self signed certificate)

Reply
0 Kudos