如何使用Spring RestTemplate调用HTTPS Restful Web服务

rest java spring resttemplate

2022-09-03 00:28:49

我正在使用Tomcat7，ReST Web服务的Spring框架。我正在尝试使用Spring RestTemplate调用https Web服务。我收到以下错误：

无法找到到请求目标的有效证书路径;嵌套异常是 javax.net.ssl.SSLHandshakeException： sun.security.validator.ValidatorException： PKIX path building failed： sun.security.provider.certpath.SunCertPathBuilderException：找不到到请求目标的有效证书路径

我在stackoverflow在线检查。我尝试了url中的示例代码：使用Spring RestTemplate访问Https Rest Service

我无法让它工作。任何人都可以根据下面的代码告诉我我需要更改什么吗？还有谁能告诉我或向我提供我需要哪些java库的pom.xml文件？

        import org.springframework.web.bind.annotation.RequestMethod;
        import org.springframework.web.client.RestTemplate;

        import com.fasterxml.jackson.core.JsonGenerationException;
        import com.fasterxml.jackson.databind.JsonMappingException;
        import com.fasterxml.jackson.databind.ObjectMapper;
        import com.journaldev.spring.controller.EmpRestURIConstants;
        import com.journaldev.spring.model.CostControlPost;
        import com.journaldev.spring.model.Employee;
        import com.journaldev.spring.model.RfxForUpdate;

        import static org.junit.Assert.*;
        import org.apache.commons.codec.binary.Base64;


        import javax.net.ssl.*;
        import java.io.*;
        import java.security.KeyStore;
        import java.security.MessageDigest;
        import java.security.cert.CertificateException;
        import java.security.cert.X509Certificate;


        public class TestExample2
        {
            public static final String SERVER_LIST="https://abc/sourcing/testServices";


            @Test
            public void testGetListOfServiceNames()
            {
                try
                {


                    RestTemplate restTemplate = new RestTemplate();
                    ResponseEntity<String> response = restTemplate.exchange(SERVER_LIST,HttpMethod.GET,null,String.class);
                    assertNotNull(response);    
                }
                catch(Exception e)
                {
                    System.out.println("e:"+e.getMessage());
                }
            }


        }

答案 1

您需要在密钥库中拥有证书，或者您可以接受所有证书（忽略证书验证）

因此，您可以将 rest 模板的 bean 重新定义为

import javax.net.ssl.SSLContext;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import java.security.cert.X509Certificate;

@Bean
public RestTemplate restTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
    TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;

    SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
                    .loadTrustMaterial(null, acceptingTrustStrategy)
                    .build();

    SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);

    CloseableHttpClient httpClient = HttpClients.custom()
                    .setSSLSocketFactory(csf)
                    .build();

    HttpComponentsClientHttpRequestFactory requestFactory =
                    new HttpComponentsClientHttpRequestFactory();

    requestFactory.setHttpClient(httpClient);
    RestTemplate restTemplate = new RestTemplate(requestFactory);
    return restTemplate;
 }

除了 apache 核心、客户端和依赖项之外，您不需要其他 jar。

答案 2