RestTemplate添加HTTPS證書
證書的下載
先通過瀏覽器將未簽名驗證的證書保存到本地, 點擊 不安全–> 證書–> 詳細信息 --> 復制到文件 然后默認選擇 起一個文件名 , 保存即可, 比如我將證書保存在了桌面 , 命名為 xx.cer
證書導入JDK
若是想要在項目中用到證書 , 需要先將證書導入到JDK的證書管理里面, 導入命令如下:
keytool -import -noprompt -trustcacerts -alias xx -keystore /home/oracle/jdk1.8.0_181/jre/lib/security/cacerts -file xx.cer
對上面的命令做一個解釋 此命令是在linux服務器內執行的 , 在執行這個命令的時候就在證書所在的文件夾下打開終端, 然后命名一下別名 , 別名最好和證書名稱一致 , 如上, 都叫xx , 另外將上面命令中的JDK路徑換成你的實際路徑即可
上面命令輸入完畢后回車 , 會讓你寫密碼啥的 , 就寫 changeit 若是changeit不行就寫 changeme 一般的 chageit 就可以了
生成keystore文件
只將證書導入JDK就可以了嗎? 我這里驗證的是不可以的, 必須還要生成對應的 keystore文件
keystore文件生成命令: keytool -import -file xx.cer -keystore xx.keystore
對上面的命令做一個解釋 , 該命令也是在linux下執行的 ,當然windows下也可以的 , 執行的時候也是在證書所在文件夾進行的 , 若是提示權限不夠 那就再加sudo , windows就以管理員的身份執行
回車后又會讓你輸入密碼 , 那么就還對應著輸入 chageit 即可
執行完畢后會在當前路徑下再產生一個xx.keystore文件
項目中配置
將上面上傳的xx.keystore 文件文件復制到你的項目的類路徑下
將下面的這個restTemplate的配置復制到你的項目中去,其中里面用到了一個httpConverter 這個是做json格式轉換的, 和HTTPS沒太大關系 , 若是不需要就將它以及相關代碼刪掉即可
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
package com.abc.air.config;import java.io.File;import java.io.FileInputStream;import java.io.InputStream;import java.security.KeyManagementException;import java.security.KeyStore;import java.security.KeyStoreException;import java.security.NoSuchAlgorithmException;import java.security.cert.X509Certificate;import java.util.ArrayList;import java.util.List;import org.apache.http.config.Registry;import org.apache.http.config.RegistryBuilder;import org.apache.http.conn.socket.ConnectionSocketFactory;import org.apache.http.conn.socket.PlainConnectionSocketFactory;import org.apache.http.conn.ssl.NoopHostnameVerifier;import org.apache.http.conn.ssl.SSLConnectionSocketFactory;import org.apache.http.impl.client.CloseableHttpClient;import org.apache.http.impl.client.HttpClients;import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;import org.apache.http.ssl.SSLContextBuilder;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.core.io.ClassPathResource;import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;import org.springframework.http.converter.HttpMessageConverter;import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;import org.springframework.http.converter.xml.MappingJackson2XmlHttpMessageConverter;import org.springframework.web.client.RestTemplate;import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter;/** * Created by ZhaoTengchao on 2019/4/12. */@Configurationpublic class RestTemplateConfig { @Autowired private FastJsonHttpMessageConverter httpMessageConverter; @Bean RestTemplate restTemplate() throws Exception { HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(); factory.setConnectionRequestTimeout(5 * 60 * 1000); factory.setConnectTimeout(5 * 60 * 1000); factory.setReadTimeout(5 * 60 * 1000); // https SSLContextBuilder builder = new SSLContextBuilder(); KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); ClassPathResource resource = new ClassPathResource("nonghang.keystore"); InputStream inputStream = resource.getInputStream(); keyStore.load(inputStream, null); SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(builder.build(), NoopHostnameVerifier.INSTANCE); Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create() .register("http", new PlainConnectionSocketFactory()) .register("https", socketFactory).build(); PoolingHttpClientConnectionManager phccm = new PoolingHttpClientConnectionManager(registry); phccm.setMaxTotal(200); CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).setConnectionManager(phccm).setConnectionManagerShared(true).build(); factory.setHttpClient(httpClient); RestTemplate restTemplate = new RestTemplate(factory); List<HttpMessageConverter<?>> converters = restTemplate.getMessageConverters(); ArrayList<HttpMessageConverter<?>> convertersValid = new ArrayList<>(); for (HttpMessageConverter<?> converter : converters) { if (converter instanceof MappingJackson2HttpMessageConverter || converter instanceof MappingJackson2XmlHttpMessageConverter) { continue; } convertersValid.add(converter); } convertersValid.add(httpMessageConverter); restTemplate.setMessageConverters(convertersValid); inputStream.close(); return restTemplate; }} |
到此配置完畢!
RestTemplate訪問HTTPS
本文簡述一下怎么使用restTemplate來訪問https。
maven
|
1
2
3
4
5
|
<dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>4.5.3</version></dependency> |
這里使用httpclient的factory
配置
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
@Beanpublic RestTemplate restTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException { TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true; SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom() .loadTrustMaterial(null, acceptingTrustStrategy) .build(); SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext); CloseableHttpClient httpClient = HttpClients.custom() .setSSLSocketFactory(csf) .build(); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(); requestFactory.setHttpClient(httpClient); RestTemplate restTemplate = new RestTemplate(requestFactory); return restTemplate;} |
驗證
|
1
2
3
4
5
6
|
@Testpublic void testHttps(){ String url = "https://free-api.heweather.com/v5/forecast?city=CN101080101&key=5c043b56de9f4371b0c7f8bee8f5b75e"; String resp = restTemplate.getForObject(url, String.class); System.out.println(resp);} |
以上為個人經驗,希望能給大家一個參考,也希望大家多多支持服務器之家。
原文鏈接:https://blog.csdn.net/fengbird/article/details/89462295
