All geek questions in one place

How to call HTTPS using Spring RestTemplate

I am using Tomcat7, Spring framework for ReST web services. I am trying to call the https web service using Spring RestTemplate . I get the following error:

Could not find a valid certification path for the requested target. nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: Failed to create PKIX path: sun.security.provider.certpath.SunCertPathBuilderException: cannot find a valid certification path for the requested target

I check online at stackoverflow. I tried the sample code from the URL: Access Https Rest Service using Spring RestTemplate

I could not get it to work. Can someone tell me, based on the code below, what I need to change? Also can someone tell me or provide me a pom.xml file, what kind of java libraries do I need?

import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.client.RestTemplate; import com.fasterxml.jackson.core.JsonGenerationException; import com.fasterxml.jackson.databind.JsonMappingException; import com.fasterxml.jackson.databind.ObjectMapper; import com.journaldev.spring.controller.EmpRestURIConstants; import com.journaldev.spring.model.CostControlPost; import com.journaldev.spring.model.Employee; import com.journaldev.spring.model.RfxForUpdate; import static org.junit.Assert.*; import org.apache.commons.codec.binary.Base64; import javax.net.ssl.*; import java.io.*; import java.security.KeyStore; import java.security.MessageDigest; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; public class TestExample2 { public static final String SERVER_LIST="https://abc/sourcing/testServices"; @Test public void testGetListOfServiceNames() { try { RestTemplate restTemplate = new RestTemplate(); ResponseEntity<String> response = restTemplate.exchange(SERVER_LIST,HttpMethod.GET,null,String.class); assertNotNull(response); } catch(Exception e) { System.out.println("e:"+e.getMessage()); } } }
+9
source share
1 answer

Either you must have certificates in your keystore, or you can accept all certificates (disable ignore certificate verification)

So you can redefine the bean of rest pattern as

 import javax.net.ssl.SSLContext; import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.conn.ssl.TrustStrategy; import java.security.cert.X509Certificate; @Bean public RestTemplate restTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException { TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true; SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom() .loadTrustMaterial(null, acceptingTrustStrategy) .build(); SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext); CloseableHttpClient httpClient = HttpClients.custom() .setSSLSocketFactory(csf) .build(); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(); requestFactory.setHttpClient(httpClient); RestTemplate restTemplate = new RestTemplate(requestFactory); return restTemplate; }

You do not need additional jar files other than the kernel, client, and apache dependencies.

+11
source

Source: https://habr.com/ru/post/1264406/

More articles:


All Articles