1、设置requestFactory
public class HttpsClientRequestFactory extends SimpleClientHttpRequestFactory { @Override protected void prepareConnection(HttpURLConnection connection, String httpMethod) throws IOException { try { if (connection instanceof HttpURLConnection) {// http协议 //throw new RuntimeException("An instance of HttpsURLConnection is expected"); super.prepareConnection(connection, httpMethod); } if (connection instanceof HttpsURLConnection) {// https协议,修改协议版本 KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); // 信任任何链接 TrustStrategy anyTrustStrategy = new TrustStrategy() { @Override public boolean isTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { return true; } }; SSLContext ctx = SSLContexts.custom().useTLS().loadTrustMaterial(trustStore, anyTrustStrategy).build(); ((HttpsURLConnection) connection).setSSLSocketFactory(ctx.getSocketFactory()); HttpsURLConnection httpsConnection = (HttpsURLConnection) connection; super.prepareConnection(httpsConnection, httpMethod); } } catch (Exception e) { e.printStackTrace(); } } }
RestTemplate restTemplate = new RestTemplate(new HttpsClientRequestFactory());
方法二:在client层指定
public static CloseableHttpClient acceptsUntrustedCertsHttpClient() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException { HttpClientBuilder b = HttpClientBuilder.create(); // 设置信任所有证书 SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() { @Override public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { return true; } }).build(); b.setSSLContext(sslContext); HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE; SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier); Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create() .register("http", PlainConnectionSocketFactory.getSocketFactory()) .register("https", sslSocketFactory) .build(); PoolingHttpClientConnectionManager connMgr = new PoolingHttpClientConnectionManager(socketFactoryRegistry); connMgr.setMaxTotal(200); connMgr.setDefaultMaxPerRoute(100); b.setConnectionManager(connMgr); CloseableHttpClient client = b.build(); return client; }
@Bean(name = "httpsFactory") public HttpComponentsClientHttpRequestFactory httpComponentsClientHttpRequestFactory() throws Exception{ CloseableHttpClient httpClient = HttpClientUtils.acceptsUntrustedCertsHttpClient(); HttpComponentsClientHttpRequestFactory httpsFactory = new HttpComponentsClientHttpRequestFactory(httpClient); httpsFactory.setReadTimeout(2000); httpsFactory.setConnectTimeout(2000); return httpsFactory; }
@Bean(name = "restTemplate") public RestTemplate httpsRestTemplate(HttpComponentsClientHttpRequestFactory httpsFactory){ RestTemplate restTemplate = new RestTemplate(httpsFactory); return restTemplate; }
ResponseEntity<byte[]> responseEntity = restTemplate.getForEntity(URI.create(a), byte[].class);
注意在使用时url地址要用URI包装一下,否则有些String类型的url地址会出现异常
eg:AuthorizationQueryParametersError</Code><Message>Error parsing the X-Amz-Credential parameter;