Spring Boot RestTemplate 訪問https實現SSL請求
阿新 • • 發佈:2018-12-24
建立SSLContext,傳入證書檔案路徑和密碼
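/**
 * Builds a TLS {@link SSLContext} from a client keystore and a truststore, both in JKS format.
 *
 * <p>The key managers come from {@code keystoreFile}. The trust managers come from
 * {@code truststoreFile}, so a server certificate is accepted only when it chains to an
 * entry of that truststore. The server's CA or certificate must therefore be imported into
 * the truststore before connecting.
 *
 * @param keystoreFile       path of the JKS keystore holding the client key material
 * @param keystorePassword   password of the keystore; also used as the key password
 * @param truststoreFile     path of the JKS truststore holding the trusted certificates
 * @param truststorePassword password of the truststore
 * @return an initialised {@code SSLContext} for the "TLS" protocol
 * @throws IOException if either store file cannot be read or its password is wrong
 * @throws CertificateException if a certificate in either store cannot be loaded
 * @throws NoSuchAlgorithmException if the TLS protocol or a manager algorithm is unavailable
 * @throws KeyStoreException if a store cannot be created or used
 * @throws UnrecoverableKeyException if the client key cannot be recovered with the password
 * @throws KeyManagementException if the context cannot be initialised
 */
public static SSLContext createCustomerSSLContext(String keystoreFile, String keystorePassword, String truststoreFile, String truststorePassword) throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException, CertificateException, UnrecoverableKeyException {
    SSLContext context = SSLContext.getInstance("TLS");

    // try-with-resources: the store files are closed as soon as they have been parsed.
    KeyStore keyStore;
    try (InputStream keyStream = new FileInputStream(keystoreFile)) {
        keyStore = getKeyStore("JKS", keyStream, keystorePassword);
    }
    KeyManager[] kms = createKeyManager(keyStore, keystorePassword);

    KeyStore trustStore;
    try (InputStream trustStream = new FileInputStream(truststoreFile)) {
        trustStore = getKeyStore("JKS", trustStream, truststorePassword);
    }
    TrustManager[] tms = createTrustManager(trustStore);

    // Trust is anchored in the supplied truststore. An X509TrustManager with empty check
    // methods would accept every certificate and remove server authentication from the
    // TLS connection, leaving it open to interception by anyone on the network path.
    context.init(kms, tms, null);
    return context;
}

/**
 * Creates key managers for the given keystore using the platform default algorithm.
 *
 * @param keyStore keystore holding the client key entries
 * @param password password protecting the keys inside {@code keyStore}
 * @return the key managers produced by the default {@link KeyManagerFactory}
 */
private static KeyManager[] createKeyManager(KeyStore keyStore, String password) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException {
    KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    factory.init(keyStore, password.toCharArray());
    return factory.getKeyManagers();
}

/**
 * Creates trust managers for the given truststore using the platform default algorithm.
 *
 * @param trustStore store holding the certificates to trust
 * @return the trust managers produced by the default {@link TrustManagerFactory}
 */
private static TrustManager[] createTrustManager(KeyStore trustStore) throws NoSuchAlgorithmException, KeyStoreException {
    TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    factory.init(trustStore);
    return factory.getTrustManagers();
}

/**
 * Loads a keystore of the given type from a stream.
 *
 * <p>This method does not close {@code stream}; the caller owns it.
 *
 * @param keyStoreType keystore type name, for example {@code "JKS"}
 * @param stream       stream positioned at the start of the keystore data
 * @param password     password used to check the integrity of the store
 * @return the loaded keystore
 */
public static KeyStore getKeyStore(String keyStoreType, InputStream stream, String password) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
    KeyStore keyStore = KeyStore.getInstance(keyStoreType);
    keyStore.load(stream, password.toCharArray());
    return keyStore;
}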
/**
 * Creates a {@link RestTemplate} whose HTTPS connections use the SSLContext built by
 * {@code createCustomerSSLContext} from the given keystore and truststore.
 *
 * <p>Which server certificates are accepted is decided entirely by that SSLContext. No
 * custom hostname verifier is passed to the socket factory here.
 *
 * @param keystoreFile       path of the client keystore
 * @param keystorePassword   password of the client keystore
 * @param truststoreFile     path of the truststore
 * @param truststorePassword password of the truststore
 * @return a RestTemplate backed by an Apache HttpClient using the custom SSL socket factory
 */
public static RestTemplate restTemplate(String keystoreFile, String keystorePassword, String truststoreFile, String truststorePassword) throws CertificateException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException {
    // Socket factory that performs the TLS handshake with the custom context.
    SSLConnectionSocketFactory tlsSocketFactory = new SSLConnectionSocketFactory(
            createCustomerSSLContext(keystoreFile, keystorePassword, truststoreFile, truststorePassword));

    CloseableHttpClient client = HttpClients.custom()
            .setSSLSocketFactory(tlsSocketFactory)
            .build();

    // Hand the client to Spring through its HttpComponents request factory.
    HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
    factory.setHttpClient(client);
    return new RestTemplate(factory);
}