2017-02-19 230 views
3

我正在使用Tomcat7,Spring框架進行ReST Web服務。 我正在嘗試使用Spring RestTemplate調用https Web服務。 我收到以下錯誤:如何使用Spring RestTemplate調用HTTPS寧靜的Web服務

unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

我在計算器在網上查詢。我嘗試從網址的示例代碼: Access Https Rest Service using Spring RestTemplate

我無法讓它工作。 任何人都可以根據下面的代碼告訴我我需要改變什麼? 也可以有人告訴我或提供我需要java庫的pom.xml文件嗎?

 import org.springframework.web.bind.annotation.RequestMethod; 
     import org.springframework.web.client.RestTemplate; 

     import com.fasterxml.jackson.core.JsonGenerationException; 
     import com.fasterxml.jackson.databind.JsonMappingException; 
     import com.fasterxml.jackson.databind.ObjectMapper; 
     import com.journaldev.spring.controller.EmpRestURIConstants; 
     import com.journaldev.spring.model.CostControlPost; 
     import com.journaldev.spring.model.Employee; 
     import com.journaldev.spring.model.RfxForUpdate; 

     import static org.junit.Assert.*; 
     import org.apache.commons.codec.binary.Base64; 


     import javax.net.ssl.*; 
     import java.io.*; 
     import java.security.KeyStore; 
     import java.security.MessageDigest; 
     import java.security.cert.CertificateException; 
     import java.security.cert.X509Certificate; 


     public class TestExample2 
     { 
      public static final String SERVER_LIST="https://abc/sourcing/testServices"; 


      @Test 
      public void testGetListOfServiceNames() 
      { 
       try 
       { 


        RestTemplate restTemplate = new RestTemplate(); 
        ResponseEntity<String> response = restTemplate.exchange(SERVER_LIST,HttpMethod.GET,null,String.class); 
        assertNotNull(response);  
       } 
       catch(Exception e) 
       { 
        System.out.println("e:"+e.getMessage()); 
       } 
      } 


     } 

回答

6

要麼你需要在你的密鑰庫中的證書,或者您可以接受所有證書(一種關閉忽略證書驗證)

所以,你可以重新定義休息模板的bean作爲

@Bean 
public RestTemplate restTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException { 
    TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true; 

    SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom() 
        .loadTrustMaterial(null, acceptingTrustStrategy) 
        .build(); 

    SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext); 

    CloseableHttpClient httpClient = HttpClients.custom() 
        .setSSLSocketFactory(csf) 
        .build(); 

    HttpComponentsClientHttpRequestFactory requestFactory = 
        new HttpComponentsClientHttpRequestFactory(); 

    requestFactory.setHttpClient(httpClient); 
    RestTemplate restTemplate = new RestTemplate(requestFactory); 
    return restTemplate; 
} 

除了apache核心,客戶端和依賴關係之外,您不需要額外的jar。

+0

謝謝你的回覆。我嘗試你的代碼。在哪裏jar文件我需要得到「TrustStragey」,「SSLConnectionFactory」。和SSLContents? – user1272936

+0

這些是導入:javax.net.ssl.SSLContext,org.apache.http.conn.ssl.SSLConnectionSocketFactory,org.apache.http.conn.ssl.TrustStrategy。只需使用Apache HTTP客戶端 – user1211

+0

我遵循手冊並添加了這段代碼,但是我遇到了錯誤:'javax.net.ssl.SSLPeerUnverifiedException:<192.168.1.2>的證書與任何主題替代名稱不匹配:[]' –