上一篇文章已经通过配置SSL证书,完成了浏览器以https方式对后台服务接口的访问。在此基础之上,本篇介绍如何配置RestTemplate 完成对后台服务接口的访问。
配置步骤如下:
一. 访问https接口,并从浏览器导出 .cer证书文件
二. 将cer证书导入到jdk的证书管理库,以管理员身份运行CMD窗口
命令:keytool -import -v -trustcacerts -alias testhttps -file "D:/tmp/ssl/testhttps.cer" -storepass changeit -keystore "C:/Program Files/Java/jdk1.8.0_131/jre/lib/security/cacerts"
三. 创建项目,编写相应代码和配置
1. pom.xml文件添加httpclient依赖包
<!-- http -->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.4</version>
</dependency>2. 编写RestTemplate配置类
import org.apache.http.client.HttpClient;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContextBuilder;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
/**
* restTemplate配置
*/
@Configuration
public class RestTemplateConfig {
/**
* 使用ssl对证书进行验证,需要将证书导出到jdk管理仓库,
* 命令:keytool -import -v -trustcacerts -alias mytest -file "D:/tmp/mytest.cer" -keystore "C:/Program Files/Java/jdk1.8.0_131/jre/lib/security/cacerts"
*/
@Bean("restTemplate")
@Primary
public RestTemplate restTemplate() throws NoSuchAlgorithmException, KeyManagementException {
HttpComponentsClientHttpRequestFactory httpRequestFactory = new
HttpComponentsClientHttpRequestFactory();
httpRequestFactory.setConnectionRequestTimeout(6 * 1000); //获取连接池连接的超时时间(毫秒)
httpRequestFactory.setConnectTimeout(6 * 1000); //连接上服务器(握手成功)的时间(毫秒)
httpRequestFactory.setReadTimeout(60 * 1000); //返回数据时间(毫秒)
httpRequestFactory.setHttpClient(httpClient());
RestTemplate restTemplate = new RestTemplate(httpRequestFactory);
return restTemplate;
}
@Bean
public HttpClient httpClient() throws KeyManagementException, NoSuchAlgorithmException {
SSLContextBuilder contextBuilder = new SSLContextBuilder();
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(contextBuilder.build(), NoopHostnameVerifier.INSTANCE);
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", new PlainConnectionSocketFactory())
.register("https", socketFactory).build();
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(registry);
connectionManager.setMaxTotal(200);
connectionManager.setDefaultMaxPerRoute(100);
CloseableHttpClient httpClient = HttpClientBuilder.create().setConnectionManager(connectionManager).build();
return httpClient;
}
}
3. 编写Controller控制类
import com.ssl.demo.entity.UserInfo;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;
import javax.annotation.Resource;
@RestController
public class UserController {
@Resource(name = "restTemplate")
private RestTemplate restTemplate;
@RequestMapping("getUserInfo")
public UserInfo getUserInfo() {
String url = "https://localhost:9090/ssl-service/getUserInfo"; //服务端接口
UserInfo data = restTemplate.getForObject(url , UserInfo.class);
return data;
}
}4. application.yml配置文件
server:
port: 8080
servlet:
context-path: /ssl-client
四. 验证 运行效果
启动客户端和服务端项目,在浏览器访问客户端接口:http://localhost:8080/ssl-client/getUserInfo
验证成功,下一篇文章更新客户端使用RestTemplate 如何绕过证书校验 访问https服务。
完整示例下载地址:
链接:https://pan.baidu.com/s/1xrfxkbnz1bGhhrTKKKhPew
提取码:tyoe
2510
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
