用了那么多次的SSL,头一回遇到对接的厂商直接IP上SSL,还是自己生成的,过不了校验的那种。
厂商还比我们牛气,不愿意更改,没办法,只能我们自己更改了。由于我用的是默认的Feign来进行远程端口调用的。因此代码如下。
import feign.Client;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.ssl.SSLContexts;
import org.springframework.context.annotation.Bean;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
public class IgnoreSSLCheckConfiguration {
@Bean
public Client feignClient() {
return new Client.Default(getSSLSocketFactory(), new NoopHostnameVerifier());
}
private SSLSocketFactory getSSLSocketFactory() {
try {
SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
return sslContext.getSocketFactory();
} catch (Exception ex) {
throw new RuntimeException(ex);
}
}
}
未经允许不得转载:RffanLAB|Rffan实验室 » openfeign忽略Https证书校验