1.HttpURLConnection
1.1配置Connection
if(url.startsWith(PROTECT_HTTPS)){
HttpsURLConnection https = (HttpsURLConnection) connection;
trustAllHosts(https);
https.setHostnameVerifier(DO_NOT_VERIFY);
}
1.2 trustAllCerts
/**
* 信任管理器
*/
private static final TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
}
};
1.3 trushAllHost
/**
* 信任所有host
* @param connection 链接
* @return 返回证书工厂
*/
private static SSLSocketFactory trustAllHosts(HttpsURLConnection connection) {
SSLSocketFactory oldFactory = connection.getSSLSocketFactory();
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
SSLSocketFactory newFactory = sc.getSocketFactory();
connection.setSSLSocketFactory(newFactory);
} catch (Exception e) {
e.printStackTrace();
}
return oldFactory;
}
1.4 设置不校验主机
/**
* 设置不验证主机
*/
private static final HostnameVerifier DO_NOT_VERIFY = (hostname, session) -> true;
2.HttpClient
2.1 创建SSLContext
SSLContext sslContext = = new SSLContextBuilder().loadTrustMaterial(null, (certificate, authType) -> true).build();
2.2 创建httpClient
HttpClientBuilder httpClientBuilder = HttpClientBuilder.create();
httpClient = getHttpClientBuilder().setSSLContext(sslContext)
.setSSLHostnameVerifier(new NoopHostnameVerifier())
.build();
3.RestTemplate
3.1 新建配置
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.SSLContext;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.ssl.TrustStrategy;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;
@Configuration
public class RestTemplateConfig {
@Bean
public RestTemplate restTemplate(ClientHttpRequestFactory factory) {
return new RestTemplate(factory);
}
@Bean
public ClientHttpRequestFactory simpleClientHttpRequestFactory() {
HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
factory.setConnectTimeout(3000);
factory.setReadTimeout(5000);
return factory;
}
public static HttpComponentsClientHttpRequestFactory generateHttpRequestFactory()
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
TrustStrategy acceptingTrustStrategy = (x509Certificates, authType) -> true;
SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
SSLConnectionSocketFactory connectionSocketFactory = new SSLConnectionSocketFactory(sslContext,
new NoopHostnameVerifier());
HttpClientBuilder httpClientBuilder = HttpClients.custom();
httpClientBuilder.setSSLSocketFactory(connectionSocketFactory);
CloseableHttpClient httpClient = httpClientBuilder.build();
HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
factory.setHttpClient(httpClient);
return factory;
}
}
3.2 使用restTemplate
log.info("--------------开始请求");
HttpHeaders headers = new HttpHeaders();
// headers.set("token", tokenStr);
headers.setContentType(MediaType.APPLICATION_JSON_UTF8);
HttpEntity<String> entity = new HttpEntity<String>(jsonDataStr, headers);
RestTemplate restTemplateHttps = new RestTemplate(RestTemplateConfig.generateHttpRequestFactory());
ResponseEntity<String> stringResponseEntity = restTemplateHttps.exchange(url, HttpMethod.POST, entity, String.class);
log.info("--------------请求结束");
// 响应状态
String body = stringResponseEntity.getBody();
log.info("获取返回信息:" + body);
4.简单说明
注:上面直接简单的绕过ssl验证,其他配置需要自行加上。除了上述方法,据说还可以通过配置jdk可以解决。