Unable to configure PROXY & SSL certificates in Openbaton

[ashishrathee17]

Open Baton internally uses Openstack4j library to communicate with Openstack.

In my scenario i am having a Openstack working on HTTPS, which is behind a proxy server. To reach it we need to configure both PROXY & SSL certificates but there is no support for it Openbaton.

I am getting below error while creating POP in Logs:

org.openbaton.exceptions.VimException: Refreshing VIM caused following error: org.openbaton.exceptions.VimException: Not listed Images successfully of VimInstance vim-instance-name. Caused by: org.openbaton.exceptions.VimDriverException: Connection timed out (Connection timed out)
        at org.openbaton.nfvo.core.api.VimManagement.refresh(VimManagement.java:213)
        at org.openbaton.nfvo.core.api.VimManagement.add(VimManagement.java:97)
        at org.openbaton.nfvo.api.admin.RestVimInstances.create(RestVimInstances.java:87)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)

Also As per below file, Openbaton not setting any proxy or ssl certs.
Refer

`Config cfg = Config.DEFAULT;
    cfg =
        cfg.withConnectionTimeout(
            Integer.parseInt(properties.getProperty("connection-timeout", "10000")));

os = OSFactory.builderV2()
                .endpoint(vimInstance.getAuthUrl())
                .credentials(vimInstance.getUsername(), vimInstance.getPassword())
                .tenantName(vimInstance.getTenant())
                .withConfig(cfg)
                .authenticate();
`

Instead of it i directly tried using OpenStack4j library for creating VM, it worked only after setting Certs & proxy:

			/**
			 * PROXY & CERT config
			 */
			InputStream is = new FileInputStream(AppConstant.OPENSTACK_CERTIFICATE);
			CertificateFactory cf = CertificateFactory.getInstance("X.509");
			X509Certificate caCert = (X509Certificate) cf.generateCertificate(is);
			TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
			KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
			ks.load(null);
			ks.setCertificateEntry("caCert", caCert);
			tmf.init(ks);
			SSLContext sslContext = SSLContext.getInstance("TLS");
			sslContext.init(null, tmf.getTrustManagers(), null);

			Config config = Config.newConfig();
			config = Config.newConfig().withProxy(ProxyHost.of(AppConstant.PROXY_HOST, AppConstant.PROXY_PORT));
			config.withSSLContext(sslContext);
			
			/**
			 * ENABLE OPENSTACK4j logging
			 */
			OSFactory.enableHttpLoggingFilter(true);
			
			/**
			 * Create object of OSClient
			 */

			os = OSFactory.builderV2().useNonStrictSSLClient(AppConstant.OPENSTACK4JDEBUG).endpoint(AppConstant.OPENSTACK_ENDPOINT)
					.credentials(AppConstant.OPENSTACK_USER, AppConstant.OPENSTACK_PASSWORD).tenantId(AppConstant.OPENSTACK_TENANT_ID).withConfig(config)
					.authenticate();

Can you please suggest resolution of this issue which i am facing?

[lorenzotomasini]

Hi @ashishrathee17 ,

apparently you already found a possible solution. Please provide a PR with a configurable solution and we will be very happy to integrate it in upstream.