Disabling SSL Certificate Validation in Spring RestTemplate Disabling SSL Certificate Validation in Spring RestTemplate spring spring

Disabling SSL Certificate Validation in Spring RestTemplate


spring validation ssl-certificate resttemplate 

@Beanpublic RestTemplate restTemplate()                 throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {    TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;    SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()                    .loadTrustMaterial(null, acceptingTrustStrategy)                    .build();    SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);    CloseableHttpClient httpClient = HttpClients.custom()                    .setSSLSocketFactory(csf)                    .build();    HttpComponentsClientHttpRequestFactory requestFactory =                    new HttpComponentsClientHttpRequestFactory();    requestFactory.setHttpClient(httpClient);    RestTemplate restTemplate = new RestTemplate(requestFactory);    return restTemplate; }

spring validation ssl-certificate resttemplate

Essentially two things you need to do are use a custom TrustStrategy that trusts all certs, and also use NoopHostnameVerifier() to disable hostname verification. Here is the code, with all the relevant imports:

import java.security.KeyManagementException;import java.security.KeyStoreException;import java.security.NoSuchAlgorithmException;import java.security.cert.CertificateException;import java.security.cert.X509Certificate;import javax.net.ssl.SSLContext;import org.apache.http.conn.ssl.NoopHostnameVerifier;import org.apache.http.conn.ssl.SSLConnectionSocketFactory;import org.apache.http.conn.ssl.TrustStrategy;import org.apache.http.impl.client.CloseableHttpClient;import org.apache.http.impl.client.HttpClients;import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;import org.springframework.web.client.RestTemplate;public RestTemplate getRestTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {    TrustStrategy acceptingTrustStrategy = (x509Certificates, s) -> true;    SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();    SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, new NoopHostnameVerifier());    CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(csf).build();    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();    requestFactory.setHttpClient(httpClient);    RestTemplate restTemplate = new RestTemplate(requestFactory);    return restTemplate;}

spring validation ssl-certificate resttemplate

What you need to add is a custom HostnameVerifier class bypasses certificate verification and returns true

HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {    public boolean verify(String hostname, SSLSession session) {        return true;    }});

This needs to be placed appropriately in your code.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last