用了那么多次的SSL,头一回遇到对接的厂商直接IP上SSL,还是自己生成的,过不了校验的那种。
厂商还比我们牛气,不愿意更改,没办法,只能我们自己更改了。由于我用的是默认的Feign来进行远程端口调用的。因此代码如下。
import feign.Client; import org.apache.http.conn.ssl.NoopHostnameVerifier; import org.apache.http.conn.ssl.TrustSelfSignedStrategy; import org.apache.http.ssl.SSLContexts; import org.springframework.context.annotation.Bean; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocketFactory; public class IgnoreSSLCheckConfiguration { @Bean public Client feignClient() { return new Client.Default(getSSLSocketFactory(), new NoopHostnameVerifier()); } private SSLSocketFactory getSSLSocketFactory() { try { SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build(); return sslContext.getSocketFactory(); } catch (Exception ex) { throw new RuntimeException(ex); } } }
未经允许不得转载:RffanLAB|Rffan实验室 » openfeign忽略Https证书校验