OpenFeign 创建一个不验证SSL证书的Feign客户端
1. 配置信息
import feign.Client;
import feign.Logger;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
/**
* feign
* @author
* @date
*/
@Configuration
public class FeignServiceConfig {
@Bean
public Client feignClient() throws NoSuchAlgorithmException, KeyManagementException {
// 创建一个名为trustAllCerts的TrustManager数组,其中包含一个X509TrustManager实例。
//这个X509TrustManager实例的主要作用是在检查客户端和服务器的证书时不抛出异常,这样就能信任所有的证书。
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[]{};
}
}
};
//
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
// 创建一个Client.Default实例,它接受一个SSLSocketFactory和一个HostnameVerifier
return new Client.Default(sslContext.getSocketFactory(), (hostname, session) -> true);
}
}