Configure Transport Layer Security (TLS) for a bucket by using Java SDK V1 - Object Storage Service

This topic describes how to use the Java SDK to set the Transport Layer Security (TLS) protocol for a bucket.

Notes

In this topic, the public endpoint of the China (Hangzhou) region is used. To access OSS from other Alibaba Cloud services in the same region, use an internal endpoint. For details about supported regions and endpoints, see OSS regions and endpoints.
In this topic, access credentials are obtained from environment variables. For more information about how to configure access credentials, see Configure access credentials.
In this topic, an OSSClient instance is created by using an OSS endpoint. If you want to create an OSSClient instance by using custom domain names or Security Token Service (STS), see Configuration examples for common scenarios.

Sample code

The following sample code shows how to call the PutBucketHttpsConfig operation to set the TLS version for a bucket, and then call the GetBucketHttpsConfig operation to retrieve the TLS version information of the bucket.

import com.aliyun.oss.*;
import com.aliyun.oss.common.auth.CredentialsProviderFactory;
import com.aliyun.oss.common.auth.EnvironmentVariableCredentialsProvider;
import com.aliyun.oss.common.comm.SignVersion;
import com.aliyun.oss.model.GetBucketHttpsConfigResult;
import com.aliyun.oss.model.PutBucketHttpsConfigRequest;

import java.util.ArrayList;
import java.util.List;

public class PutBucketHttpsConfig {
    public static void main(String[] args) throws Exception {
        // The endpoint of the China (Hangzhou) region is used as an example. Specify the actual endpoint.
        String endpoint = "https://oss-cn-hangzhou.aliyuncs.com";
        // Obtain access credentials from environment variables. Before you run the sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are set.
        EnvironmentVariableCredentialsProvider credentialsProvider = CredentialsProviderFactory.newEnvironmentVariableCredentialsProvider();
        // Specify the bucket name. For example, examplebucket.
        String bucketName = "examplebucket";
        // Specify the region where the bucket is located. For example, if the bucket is in the China (Hangzhou) region, set Region to cn-hangzhou.
        String region = "cn-hangzhou";

        // Create an OSSClient instance.
        // Call the shutdown method to release resources when the OSSClient instance is no longer needed.
        ClientBuilderConfiguration clientBuilderConfiguration = new ClientBuilderConfiguration();
        clientBuilderConfiguration.setSignatureVersion(SignVersion.V4);
        OSS ossClient = OSSClientBuilder.create()
                .endpoint(endpoint)
                .credentialsProvider(credentialsProvider)
                .clientConfiguration(clientBuilderConfiguration)
                .region(region)
                .build();

        try {
            // Call the PutBucketHttpsConfig operation to set the TLS version for the bucket.
            List<String> tlsVersion = new ArrayList<String>();
            tlsVersion.add("TLSv1.2");
            tlsVersion.add("TLSv1.3");

            PutBucketHttpsConfigRequest request = new PutBucketHttpsConfigRequest(bucketName)
                    .withEnabled(true)
                    .withTlsVersion(tlsVersion);

            ossClient.putBucketHttpsConfig(request);

            // Call the GetBucketHttpsConfig operation to get the TLS version information of the bucket.
            GetBucketHttpsConfigResult result = ossClient.getBucketHttpsConfig(bucketName);
            System.out.println("Enable:" + result.isEnable());
            System.out.println("TLSVersion:" + result.getTlsVersion().get(0));
            System.out.println("TLSVersion:" + result.getTlsVersion().get(1));
        } catch (OSSException oe) {
            System.out.println("Caught an OSSException, which means your request made it to OSS, "
                    + "but was rejected with an error response for some reason.");
            System.out.println("Error Message:" + oe.getErrorMessage());
            System.out.println("Error Code:" + oe.getErrorCode());
            System.out.println("Request ID:" + oe.getRequestId());
            System.out.println("Host ID:" + oe.getHostId());
        } catch (ClientException ce) {
            System.out.println("Caught an ClientException, which means the client encountered "
                    + "a serious internal problem while trying to communicate with OSS, "
                    + "such as not being able to access the network.");
            System.out.println("Error Message:" + ce.getMessage());
        } finally {
            if (ossClient != null) {
                ossClient.shutdown();
            }
        }
    }
}

References

For the complete sample code that is used to configure the TLS protocol, see the GitHub example.
For more information about the API operations for the TLS protocol, see Transport Layer Security (TLS).