springboot通过resttemplate访问其他https的服务的方法

1) Download the .crt
file

echo -n | openssl s_client -connect <your domain>:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/<your domain>.crt

replace <your domain>
with your domain (e.g. jossef.com
)

  1. Apply the .crt
    file in Java's cacerts
    certificate store
    keytool -import -v -trustcacerts -alias <your domain> -file ~/<your domain>.crt -keystore <JAVA HOME>/jre/lib/security/cacerts -keypass changeit -storepass changeit

replace <your domain>
with your domain (e.g. jossef.com
)
replace <JAVA HOME>
with your java home directory

  1. Hack it
    Even though iv'e installed my certificate in Java
    's default certificate stores, Tomcat ignores that (seems like it's not configured to use Java's default certificate stores).
    To hack this, add the following somewhere in your code:
    String certificatesTrustStorePath = "<JAVA HOME>/jre/lib/security/cacerts";System.setProperty("javax.net.ssl.trustStore", certificatesTrustStorePath);
最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

推荐阅读更多精彩内容