javajack · January 1, 2020 06:43
diff --git a/resttemplate-ignore-ssl.txt b/resttemplate-ignore-ssl.txt
 /*
     * Create a RestTemplate bean
     * with trust all SSL certificates and SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
     * replaced for new apache httpclient to NoopHostnameVerifier.INSTANCE
     */
    @Bean
    public RestTemplate restTemplate() throws NoSuchAlgorithmException, KeyManagementException {

        /*
         * Ignore untrusted certificates
         */
        TrustManager[] trustAllCerts = new TrustManager[]{
            new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }

                public void checkClientTrusted(
                        java.security.cert.X509Certificate[] certs, String authType) {
                }

                public void checkServerTrusted(
                        java.security.cert.X509Certificate[] certs, String authType) {
                }
            }
        };

        // Install the all-trusting trust manager
        SSLContext sslContext = SSLContext.getInstance("SSL");

        sslContext.init(null, trustAllCerts, new java.security.SecureRandom());

        /*
         * Create an HttpClient that uses the custom SSLContext and do not verify cert hostname
         */
        CloseableHttpClient httpClient = HttpClients.custom()
                .setSSLContext(sslContext)
                .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
                .build();

        HttpComponentsClientHttpRequestFactory customRequestFactory
                = new HttpComponentsClientHttpRequestFactory();

        customRequestFactory.setHttpClient(httpClient);

        /*
         * Create a RestTemplate that uses custom request factory
         */
        return new RestTemplate(customRequestFactory);
    }
	/*
	* Create a RestTemplate bean
	* with trust all SSL certificates and SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
	* replaced for new apache httpclient to NoopHostnameVerifier.INSTANCE
	*/
	@Bean
	public RestTemplate restTemplate() throws NoSuchAlgorithmException, KeyManagementException {

	/*
	* Ignore untrusted certificates
	*/
	TrustManager[] trustAllCerts = new TrustManager[]{
	new X509TrustManager() {
	public java.security.cert.X509Certificate[] getAcceptedIssuers() {
	return new X509Certificate[0];
	}

	public void checkClientTrusted(
	java.security.cert.X509Certificate[] certs, String authType) {
	}

	public void checkServerTrusted(
	java.security.cert.X509Certificate[] certs, String authType) {
	}
	}
	};

	// Install the all-trusting trust manager
	SSLContext sslContext = SSLContext.getInstance("SSL");

	sslContext.init(null, trustAllCerts, new java.security.SecureRandom());

	/*
	* Create an HttpClient that uses the custom SSLContext and do not verify cert hostname
	*/
	CloseableHttpClient httpClient = HttpClients.custom()
	.setSSLContext(sslContext)
	.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
	.build();

	HttpComponentsClientHttpRequestFactory customRequestFactory
	= new HttpComponentsClientHttpRequestFactory();

	customRequestFactory.setHttpClient(httpClient);

	/*
	* Create a RestTemplate that uses custom request factory
	*/
	return new RestTemplate(customRequestFactory);
	}