spring-boot - 带有 2 路 ssl 证书的 resttemplate
问题描述
我正在使用 rettemplate 来访问使用 2 路 ssl 证书的第三方 url。我已经用信任库和密钥库设置了 httpclient 仍然得到 ssl 握手异常。在我的 cacerts 中导入证书后,我也尝试过,但仍然没有运气。任何使用 2 路 ssl 和 resttemplate 的人
private HttpClient createHttpClient(final String keyAlias) {
logger.info("Creating HTTP client using keystore={} and alias={}", keyStorePath, keyAlias);
final KeyStore trustStore = new KeyStoreFactoryBean(makeResource(keyStorePath), keyStoreType, keyStorePassword)
.newInstance();
KeyStore keyStore =
new KeyStoreFactoryBean(makeResource(keyStorePath), keyStoreType, keyStorePassword)
.newInstance();
final SSLContext sslContext;
HttpHost proxyNew = null;
proxyNew = new HttpHost(proxyURL, proxyPort);
HttpClient httpClient=null;
try {
sslContext = SSLContexts.custom()
.loadKeyMaterial(keyStore, keyStorePassword.toCharArray(), (aliases, socket) -> keyAlias)
.loadTrustMaterial(trustStore, (x509Certificates, s) -> false).build();
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build());
} catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException | UnrecoverableKeyException e) {
throw new IllegalStateException("Error loading key or trust material", e);
}
final SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext,
new String[] { "TLSv1.2", "TLSv1.1" }, null, SSLConnectionSocketFactory.getDefaultHostnameVerifier());
final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory> create()
.register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", sslSocketFactory)
.build();
final PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(registry);
connectionManager.setMaxTotal(httpClientPoolSize);
connectionManager.setDefaultMaxPerRoute(httpClientPoolSize);
HttpHost proxy = null;
proxy = new HttpHost(proxyURL, proxyPort);
if(isProxy)
return HttpClients.custom().setSSLSocketFactory(sslSocketFactory).setConnectionManager(connectionManager).setProxy(proxy).build();
return HttpClients.custom().setSSLSocketFactory(sslSocketFactory).setConnectionManager(connectionManager).build();
}
解决方案
推荐阅读
- python-3.x - 如何在 TKINTER 上使用自定义字体
- sublimetext3 - 是否可以在 Sublime Text 3 中禁用模糊搜索?
- flutter - 异步函数只返回 null (Flutter)
- kubernetes - 验证 deployment.yaml kubernetes 文件的最佳方法是什么?
- flutter - 尽管 SingleChildScrollView 并且页面上没有脚手架,但 FormTextField 隐藏在键盘后面
- javascript - Json Response 需要更新 Javascript 值并替换全局初始全局值 - 需要解决解决方案
- sql-server - 需要对 SQL Server 中的列重新排序
- html - 错误无法匹配任何路由。离子 iOS 嵌入视频未显示
- python - 具有 UINT8 权重的 TensorFlow 2.0 TFLite 量化导出
- charts - SwiftUI 中的图表作为气泡图