• springboot 请求https的私有证书验证

    一、方案描述

    我这里采用RestTemplate的方式调用https请求,请求第三方接口获取数据,证书由第三方私自签发的证书,我们构建的是一个springboot的API项目。

    1.pom文件引入jar

    2.      
    3.             org.springframework.boot
    4.             spring-boot-starter-web
    5.         
    6.  
    7.         
    8.         
    9.             org.apache.httpcomponents
    10.             httpclient
    11.         
    12.  
    13.         
    14.             org.springframework.boot
    15.             spring-boot-configuration-processor
    16.             true
    17.

    2.构建一个RestTemplateConfig

    构建RestTemplateConfig为了初始化RestTemplate让它具备验证证书功能。

    1. /**
    2.  * @Author: LongGE
    3.  * @Date: 2023-08-28
    4.  * @Description:
    5.  */
    6. @Configuration
    7. public class RestTemplateConfig {
    8.  
    9.     /**
    10.      * 1.创建一个KeyStore,并将需要信任的证书加载到KeyStore中。示例代码如下:
    11.      * @return
    12.      * @throws CertificateException
    13.      * @throws IOException
    14.      * @throws KeyStoreException
    15.      * @throws NoSuchAlgorithmException
    16.      */
    17.     @Bean
    18.     public KeyStore createKeyStore() throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
    19.         CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
    20.         FileInputStream inputStream =
    21.                 new FileInputStream("D:\\WorkSpace\\local\\online-project\\RequestSpringBoot\\src\\main\\resources\\my-certificate.crt");
    22.         X509Certificate certificate = (X509Certificate) certFactory.generateCertificate(inputStream);
    23.         KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    24.         keyStore.load(null, null);
    25.         keyStore.setCertificateEntry("my-cert", certificate);
    26.         return keyStore;
    27.     }
    28.  
    29.     /**
    30.      * 2.创建一个TrustManagerFactory,使用上述创建的KeyStore来初始化它
    31.      * @return
    32.      * @throws CertificateException
    33.      * @throws NoSuchAlgorithmException
    34.      * @throws KeyStoreException
    35.      * @throws IOException
    36.      */
    37.     @Bean
    38.     public TrustManagerFactory createTrustManagerFactory() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
    39.         KeyStore keyStore = createKeyStore();
    40.         TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    41.         trustManagerFactory.init(keyStore);
    42.         return trustManagerFactory;
    43.     }
    44.  
    45.     /**
    46.      * 3.创建一个SSLContext,并使用上述创建的TrustManagerFactory来初始化它。
    47.      * @return
    48.      * @throws NoSuchAlgorithmException
    49.      * @throws CertificateException
    50.      * @throws KeyStoreException
    51.      * @throws IOException
    52.      * @throws KeyManagementException
    53.      */
    54.     @Bean
    55.     public SSLContext createSSLContext() throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException, KeyManagementException {
    56.         TrustManagerFactory trustManagerFactory = createTrustManagerFactory();
    57.         SSLContext sslContext = SSLContext.getInstance("TLS");
    58.         sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
    59.         return sslContext;
    60.     }
    61.  
    62.     /**
    63.      * 4.创建一个HttpsURLConnectionFactory,使用上述创建的SSLContext来设置HttpsURLConnection的SSLSocketFactory。
    64.      * @return
    65.      * @throws CertificateException
    66.      * @throws NoSuchAlgorithmException
    67.      * @throws KeyStoreException
    68.      * @throws KeyManagementException
    69.      * @throws IOException
    70.      */
    71.     @Bean
    72.     public RestTemplate createRestTemplate() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException {
    73.         SSLContext sslContext = createSSLContext();
    74.         HttpClientBuilder httpClientBuilder = HttpClientBuilder.create();
    75.         httpClientBuilder.setSSLContext(sslContext);
    76.         // 创建HttpComponentsClientHttpRequestFactory
    77.         HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
    78.         requestFactory.setHttpClient(httpClientBuilder.build());
    79.         // 创建RestTemplate,并设置自定义的SSLSocketFactory
    80.         RestTemplate restTemplate = new RestTemplate(requestFactory);
    81.         return restTemplate;
    82.     }
    83.  
    84. }

    二.使用方案

    这样构建好的RestTemplate,我们在Controller或者Service就可以通过@Autowried注解引入。

    1. @RestController
    2. @RequestMapping("/TestController")
    3. public class TestController {
    4.  
    5.     @Autowired
    6.     private RestTemplate restTemplate;
    7.  
    8.     private String url = "https://www.houpu.com";
    9.  
    10.     private String relativePath2 = "/ResponseController/getTestMapping";
    11.  
    12.  
    13.     @GetMapping("/test02")
    14.     public String test02() {
    15.         //发起请求
    16.         String fullUrl2 = UriComponentsBuilder.fromHttpUrl(url).path(relativePath2).toUriString();
    17.         String response2 = restTemplate.getForObject(fullUrl2, String.class);
    18.         System.out.println(response2);
    19.         return response2;
    20.     }
    21.  
    22. }

  • 相关阅读:
    机器学习之分类回归模型(决策数、随机森林)
    【小程序项目开发-- 京东商城】uni-app之自定义搜索组件(中)-- 搜索建议
    [Java反序列化]—Shiro反序列化(二)
    10年测试经验,在35岁的生理年龄面前,一文不值
    python rb读取文件 base64加密 byte.decode解密,base64解密
    归并排序和快速排序的两种实现
    小学期-中期总结报告
    渗透测试tomcat错误信息泄露解决办法
    计算机网络文章荟萃
    【数据结构】线性表(四)双向链表的各种操作(插入、删除、查找、修改、遍历打印)
  • 原文地址:https://blog.csdn.net/gelong_bokewang/article/details/132731615