openfeign,webClient, restTemplate 忽略 ssl 证书

0 springboot 版本


<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>3.0.3</version>
    <relativePath/> <!-- lookup parent from repository -->
</parent>

1 openfeign


@Configuration
public class FeignIgnoreSSLConfig {
    @Bean
    public Client feignClient() {
        return new Client.Default(getSSLSocketFactory(), new NoopHostnameVerifier());
    }

    private SSLSocketFactory getSSLSocketFactory() {
        try {
            SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
            return sslContext.getSocketFactory();
        } catch (Exception ex) {
            throw new RuntimeException(ex);
        }
    }
}

2 webClient


@Configuration
public class WebClientConfig {
    @Bean(name = "webClient")
    public WebClient getWebClient() {
        return WebClient.create();
    }

    @Bean(name = "ignoreSSLWebClient")
    public WebClient getIgnoreSSLWebClient() throws SSLException {
        SslContext sslContext = SslContextBuilder.forClient()
            .trustManager(InsecureTrustManagerFactory.INSTANCE)
            .build();

        HttpClient httpClient = HttpClient.create().secure(contextSpec -> contextSpec.sslContext(sslContext));

        return WebClient.builder().clientConnector(new ReactorClientHttpConnector(httpClient)).build();
    }
}

3 restTemplate


@Configuration
public class RestTemplateConfig {
    /**
     * RestTemplate注入
     */
    @Bean("restTemplate")
    @LoadBalanced
    public RestTemplate restTemplate() {
        RestTemplate restTemplate = new RestTemplate();
        HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true);
        restTemplate.setRequestFactory(new HttpComponentsClientHttpRequestFactory());
        return restTemplate;
    }

    @Bean("ignoreHttpsRestTemplate")
    public RestTemplate ignoreHttpsRestTemplate() {
        RestTemplate restTemplate = new RestTemplate(new SSLFactory());
        // 支持中文编码
        restTemplate.getMessageConverters().set(1, new StringHttpMessageConverter(StandardCharsets.UTF_8));
        return restTemplate;
    }


@Slf4j
public class SSLFactory extends SimpleClientHttpRequestFactory {
    @Override
    protected void prepareConnection(HttpURLConnection connection, String httpMethod) throws IOException {
        if (connection instanceof HttpsURLConnection) {
            prepareHttpsConnection((HttpsURLConnection) connection);
        }
        super.prepareConnection(connection, httpMethod);
    }

    private void prepareHttpsConnection(HttpsURLConnection connection) {
        connection.setHostnameVerifier(new SkipHostnameVerifier());
        try {
            connection.setSSLSocketFactory(createSslSocketFactory());
        } catch (Exception ex) {
            log.error(ex.getMessage(), ex);
        }
    }

    @SneakyThrows
    private SSLSocketFactory createSslSocketFactory() {
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, new TrustManager[] {new SkipX509TrustManager()}, new SecureRandom());
        return context.getSocketFactory();
    }

    private static class SkipHostnameVerifier implements HostnameVerifier {
        @Override
        public boolean verify(String s, SSLSession sslSession) {
            return true;
        }

    }

    private static class SkipX509TrustManager implements X509TrustManager {
        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) {
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) {
        }
    }
}
posted @ 2024-03-13 16:39  linzm14  阅读(295)  评论(0编辑  收藏  举报