RestTemplate客户端调用https接口设置ssl证书

最新推荐文章于 2024-12-23 17:44:53 发布

原创最新推荐文章于 2024-12-23 17:44:53 发布 · 1.7k 阅读

4 ·

CC 4.0 BY-SA版权

文章标签：

#https #ssl #网络协议

该文是演示如何给resttemplate客户端配置ssl证书来进行https接口调用。

import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;

import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.KeyManagerFactory;

public class RestTemplateWithCertificate {
    public static void main(String[] args) throws Exception {
        // 加载证书
        Resource keyStoreResource = new ClassPathResource("client_keystore.jks");
        InputStream keyStoreInputStream = keyStoreResource.getInputStream();

        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(keyStoreInputStream, "keystore_password".toCharArray());

        // 创建SSL上下文
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, "keystore_password".toCharArray());

        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);

        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());

        // 创建RestTemplate
        RestTemplate restTemplate = new RestTemplate(new SimpleClientHttpRequestFactory() {
            @Override
            protected void prepareConnection(java.net.HttpURLConnection connection, String httpMethod) {
                if (connection instanceof javax.net.ssl.HttpsURLConnection) {
                    ((javax.net.ssl.HttpsURLConnection) connection).setSSLSocketFactory(sslContext.getSocketFactory());
                }
            }
        });

        // 发送HTTPS请求
        String url = "https://example.com/api";
        String result = restTemplate.getForObject(url, String.class);
        System.out.println(result);
    }
}

其中 client_keystore.jks， keystore_password 和url 根据项目实现情况替换