吴汶泽
首页 归档 标签 友链
吴汶泽

目录

RestTemplate 跳过SSL证书验证

 收录于 后端
   约 266 字   预计阅读 1 分钟 
目录

在使用RestTemplate请求接口的过程中,遇到HTTPS请求又没有证书的情况,只能通过配置来忽略证书验证了

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62

package com.ewei.custom.yto.config

import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.http.client.ClientHttpRequestFactory
import org.springframework.http.client.SimpleClientHttpRequestFactory
import org.springframework.web.client.RestTemplate
import java.net.HttpURLConnection
import java.security.SecureRandom
import java.security.cert.X509Certificate
import javax.net.ssl.HttpsURLConnection
import javax.net.ssl.SSLContext
import javax.net.ssl.SSLSocketFactory
import javax.net.ssl.X509TrustManager


/**
 * @author wuwenze
 * @date 2019-06-21
 */
@Configuration
class RestTemplateClientConfig {

    @Bean
    fun restTemplate(factory: ClientHttpRequestFactory): RestTemplate {
        return RestTemplate(factory)
    }

    @Bean
    fun simpleClientHttpRequestFactory(): ClientHttpRequestFactory {
        val factory = SkipSSLSimpleClientHttpRequestFactory()
        factory.setReadTimeout(30000)
        factory.setConnectTimeout(30000)
        return factory
    }

    class SkipSSLSimpleClientHttpRequestFactory : SimpleClientHttpRequestFactory() {
        override fun prepareConnection(connection: HttpURLConnection, httpMethod: String) {
            if (connection is HttpsURLConnection) {
                try {
                    connection.setHostnameVerifier { _, _ -> true }
                    connection.sslSocketFactory = createSslSocketFactory()
                } catch (e: Throwable) {
                    // ignore
                }
            }
            super.prepareConnection(connection, httpMethod)
        }

        private fun createSslSocketFactory(): SSLSocketFactory {
            val context: SSLContext = SSLContext.getInstance("TLS")
            context.init(null, arrayOf(SkipX509TrustManager()), SecureRandom())
            return context.socketFactory
        }

        class SkipX509TrustManager : X509TrustManager {
            override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()
            override fun checkClientTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
            override fun checkServerTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
        }
    }
}
更新于 2019/07/09
阅读原始文档
 SpringJava
返回 | 主页

评论