• 解决Feign HTTPS远程调用绕过SSL证书验证


    系统增加ssl证书后,通过Feign访问的接口会报错。

    import feign.Client;
    import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
    import org.springframework.cloud.netflix.ribbon.SpringClientFactory;
    import org.springframework.cloud.openfeign.ribbon.CachingSpringLoadBalancerFactory;
    import org.springframework.cloud.openfeign.ribbon.LoadBalancerFeignClient;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    
    import javax.net.ssl.*;
    import java.security.KeyManagementException;
    import java.security.NoSuchAlgorithmException;
    import java.security.cert.CertificateException;
    import java.security.cert.X509Certificate;
    
    @Configuration
    public class FeignConfig {
    
        @Bean
        @ConditionalOnMissingBean
        public Client feignClient(CachingSpringLoadBalancerFactory cachingFactory,
                                  SpringClientFactory clientFactory) throws NoSuchAlgorithmException, KeyManagementException {
            SSLContext ctx = SSLContext.getInstance("SSL");
            X509TrustManager tm = new X509TrustManager() {
                @Override
                public void checkClientTrusted(X509Certificate[] chain,
                                               String authType) throws CertificateException {
                }
    
                @Override
                public void checkServerTrusted(X509Certificate[] chain,
                                               String authType) throws CertificateException {
                }
    
                @Override
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            };
            ctx.init(null, new TrustManager[]{tm}, null);
            return new LoadBalancerFeignClient(new Client.Default(ctx.getSocketFactory(),
                    new HostnameVerifier() {
    
                        @Override
                        public boolean verify(String hostname, SSLSession session) {
                            // TODO Auto-generated method stub
                            return true;
                        }
                    }),
                    cachingFactory, clientFactory);
        }
    }
    

      

    <dependency>
                    <groupId>org.springframework.cloud</groupId>
                    <artifactId>spring-cloud-starter-netflix-ribbon</artifactId>
                </dependency>
                <!-- 使用Apache HttpClient替换Feign原生httpclient -->
                <dependency>
                    <!--不是netfix包下了,应该是独立出来开源了-->
                    <groupId>io.github.openfeign</groupId>
                    <artifactId>feign-httpclient</artifactId>
                    <version>9.4.0</version>
                    <!-- <version>9.5.1</version>   这里可以不指定version spring-boot-parent中已经有版本定义-->
                </dependency>
                
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-starter-openfeign</artifactId>
            </dependency>
  • 相关阅读:
    关于注解
    关于泛型
    关于ER图和UML图之间的对比
    关于Eclipse中的egit的常规使用和模板
    关于Eclipse中的开源框架EMF(Eclipse Modeling Framework),第三部分
    关于Eclipse Modeling Framework进行建模,第二部分
    SQL Server 2005/2008备份数据库时提示“无法打开备份设备”
    试用版SQL Server 2008 R2 提示评估期已过
    该登录名来自不受信任的域,不能与 Windows 身份验证一起使用。
    SVN-如何删除 SVN 文件夹下面的小图标
  • 原文地址:https://www.cnblogs.com/emojio/p/13565114.html
Copyright © 2020-2023  润新知