OpenFegin跳过SSL验证

已于 2024-02-01 16:03:52 修改
阅读量447 收藏 4
点赞数 5
文章标签: ssl 网络协议 网络
于 2024-02-01 16:03:05 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_51982163/article/details/135976250
版权

OpenFegin在请求某些Https会报错

sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145) ~[na:1.8.0_40]
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131) ~[na:1.8.0_40]
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[na:1.8.0_40]
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382) ~[na:1.8.0_40]
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) ~[na:1.8.0_40]
	at sun.security.validator.Validator.validate(Validator.java:260) ~[na:1.8.0_40]
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[na:1.8.0_40]
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[na:1.8.0_40]
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[na:1.8.0_40]
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460) ~[na:1.8.0_40]
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212) ~[na:1.8.0_40]
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:969) ~[na:1.8.0_40]
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:904) ~[na:1.8.0_40]
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050) ~[na:1.8.0_40]
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363) ~[na:1.8.0_40]
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391) ~[na:1.8.0_40]
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375) ~[na:1.8.0_40]
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) ~[na:1.8.0_40]
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[na:1.8.0_40]
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512) ~[na:1.8.0_40]
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440) ~[na:1.8.0_40]
	at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480) ~[na:1.8.0_40]
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338) ~[na:1.8.0_40]
	at feign.Client$Default.convertResponse(Client.java:143) ~[feign-core-10.1.0.jar:na]
	at feign.Client$Default.execute(Client.java:68) ~[feign-core-10.1.0.jar:na]
	at feign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:108) ~[feign-core-10.1.0.jar:na]
	at feign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:78) ~[feign-core-10.1.0.jar:na]
	at feign.ReflectiveFeign$FeignInvocationHandler.invoke(ReflectiveFeign.java:103) ~[feign-core-10.1.0.jar:na]
	at com.sun.proxy.$Proxy75.getToken(Unknown Source) ~[na:na]
	at com.maoslv.service.impl.UserServiceImpl.oauthLogin(UserServiceImpl.java:33) ~[classes/:na]
	at com.maoslv.controller.UserController.valid(UserController.java:18) ~[classes/:na]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_40]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_40]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_40]
	at java.lang.reflect.Method.invoke(Method.java:497) ~[na:1.8.0_40]
	at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:104) ~[spring-webmvc-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:892) ~[spring-webmvc-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:797) ~[spring-webmvc-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87) ~[spring-webmvc-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1039) ~[spring-webmvc-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942) ~[spring-webmvc-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005) ~[spring-webmvc-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:897) ~[spring-webmvc-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:634) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882) ~[spring-webmvc-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) ~[tomcat-embed-websocket-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:118) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:118) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:118) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:118) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) ~[tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:526) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:860) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1587) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_40]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_40]
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.24.jar:9.0.24]
	at java.lang.Thread.run(Thread.java:745) [na:1.8.0_40]

解决方案

@Configuration
public class OpenFeginConfig {
    /**
     * 跳过ssl验证
     * @return
     * @throws NoSuchAlgorithmException
     * @throws KeyManagementException
     */
    @Bean
    @ConditionalOnMissingBean
    public Client feiClient() throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext ctx = SSLContext.getInstance("SSL");
        X509TrustManager tm = new X509TrustManager() {
            @Override
            public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {

            }

            @Override
            public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {

            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
        ctx.init(null, new TrustManager[]{tm}, null);
        return new Client.Default(
                ctx.getSocketFactory(), new HostnameVerifier() {
            @Override
            public boolean verify(String hostname, SSLSession sslSession) {
                return true;
            }
        }
        );
    }
}
MaoSLv
关注
  • 5
    点赞
  • 4
    收藏
    觉得还不错? 一键收藏
  • 1
    评论
openfeign 全局日志/忽略https验证
学海无涯,我用JAVA
03-30 1074
feign 相对于 resttemplate 来说不仅兼具他的功能,而且比他更强大,所以当项目为springcloud架构之后,无论是服务之间的调用,还是其他的http调用,都应该统一用feign处理;如果是单体项目,则resttemplate优先考虑;网上也有单独配置某个feign 的方法;传送门这里推荐全局配置,这样省去了逐个配置的麻烦,然后这样有助于在生产环境定位问题,待服务运行平稳之后,再将feign日志去掉,或者整体调整服务日志级别 打印等;
OpenFeign 微服务之间调用 https ssl证书配置
qq_35414397的博客
08-31 7257
1.application.yml文件中加入证书信息: server: port: 9002 ssl: protocol: TLS key-store: classpath:xxx.com.jks key-store-password: xxxxx key-store-type: JKS 2.证书文件xxx.com.jks放在项目根目录下,此处是springboot项目,直接放在resources目录下即可 3.pom.xml引入独立的feign依赖
feign调用远程服务如何忽略SSL证书
qq_40612126的博客
05-09 2310
feign调用远程服务如何忽略SSL证书1.引入依赖2.添加配置3.原理解释 1.引入依赖 <!--引入feign依赖,作为第三方http请求的工具--> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-starter-openfeign</artifactId&
Openfeign和okHttp的https请求忽略ssl证书认证
thekenofDIS的专栏
01-23 604
因为我调用的接口是https接口。要么就导入证书,要么就忽略证书验证。okhttpclent忽略。
使用Spring Cloud OpenFeign完整构造Rest接口
最新发布
weixin_43927080的博客
05-21 444
Spring Cloud OpenFeign 用于以声明式快速构建Restful API,它简化了与HTTP服务交互的过程,使得接口调用更加方便和简洁,是构建微服务架构的重要工具。本文将详细阐述如何构建一个健全,简洁,可靠的rest接口
Feign忽略https接口调用SSL证书验证
qq_36599564的博客
04-27 7778
报错信息: ERROR javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address 10.25.193.111 found Caused by: java.security.cert.CertificateException: No subject alternative names matching IP addr
Feign 发送https请求过证书认证
ShineupUP的博客
04-21 677
Feign 发送https请求过证书认证。
Feign忽略Https的SSL最佳方案(且保证负载均衡将失效)
mengting2040的博客
08-11 1473
【代码】Feign忽略Https的SSL最佳方案(且保证负载均衡将失效)
Java如何过https的ssl证书验证详解
08-25
Java过HTTPS的SSL证书验证详解 本文主要介绍了Java过HTTPS的SSL证书验证的解决思路,并通过示例代码进行了详细的介绍,对大家的学习或者工作具有一定的参考学习价值。 一、HTTPS和HTTP的区别 HTTPS和HTTP的...
安装 金蝶云 SSL检测
10-05
实际上,对于个人或非商业用途的简单安装,SSL检测并不会影响金蝶云的基本功能使用。 SSL是网络安全的一种标准协议,主要目的是为网络通信提供加密处理,防止数据在传输过程中被窃取或篡改。它通过公钥和私钥...
Android最新版xwalkssl验证
06-03
ERR_INSECURE_RESPONSE问题导致部分https验证不通过,可以直接替换 .gradle/caches/modules-2/files-2.1/org.xwalk/23.53.589.4下的aar包,也可以放在项目下,最开始我像webview那样处理,好像没回调这个,不过也...
http远程接口调用-httpClient+SSL证书校验
08-04
然而,在开发和测试阶段,我们可能需要SSL证书校验以简化流程。本文将详细介绍如何使用Apache HttpClient库进行HTTP远程接口调用,并讲解如何在Java中SSL证书校验。 HttpClient是Apache提供的一款强大的...
Spring Cloud OpenFeign简单使用以及开启https
qq_32238611的博客
01-28 6183
Spring Cloud OpenFeign简单使用以及开启https 前言 之前的几篇博客中,微服务之间的调用是通过注入一个restTemplate对象,并且使用@LoadBalanced注解实现了负载均衡。其实Spring Cloud也提供了声明式的REST客户端:Feign,相对于直接注入restTemplate对象,Feign的使用更加简洁一些。 本文主要记录了Spring Cloud OpenFeign如何开启https,对OpenFeign的基本使用也简单进行了整理。 测试工程 本次主要由三个工
unable to find valid certification path to requested target
LLittleF的博客
07-11 2754
使用java向发起https请求时报这个错,出现这个错误的原因是因为ssl证书链不完整。 所以解决这个问题最好还是从服务器下手,把SSL证书补全就可以了。 如果服务器不在你手里,请参考网上其他的解决方案解决。 如何补全证书链?以nginx为例 登录这个网站https://myssl.com/chain_download.html 复制全部内容,进入服务器,编辑证书.pem文件,将原有内容全部替换为你拷贝的内容,注意最后不要有空行! 保存后执行 nginx -s reload就行了 ..
解决:unable to find valid certification path to requested target
weixin_44519124的博客
08-25 5万+
问题 sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 出现原因 这个问题的根本原因是你安装JDK时,Java\jar 1.8.0_141\lib\ext\里面缺少了一个安全凭证js
spring-cloud-loadbalancer和openfeign集成对ssl认证的支持
weixin_39162597的博客
10-12 229
核心点就是创建一个loadbalancer支持的openfeign的客户端,通过源码分析找到FeignBlockingLoadBalancerClient类,分析构造方法后发现传入一个openfeign的client即可。
彻底解决unable to find valid certification path to requested target
热门推荐
Gabriel576282253的专栏
08-09 30万+
转自: https://blog.csdn.net/frankcheng5143/article/details/52164939/ https://blog.csdn.net/wangjunjun2008/article/details/37662851 https://blog.csdn.net/w1054993544/article/details/38025649 https://...
jdbc连接ssl验证
06-07
在JDBC连接中SSL证书验证,可以通过设置JDBC连接属性来实现。 在使用JDBC连接MySQL数据库时,可以使用以下代码设置连接属性来SSL证书验证: ``` String url = "jdbc:mysql://localhost/test?useSSL=false...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值