仅使用https的spring引导-测试失败

wlwcrazw  于 2021-09-29  发布在  Java
关注(0)|答案(1)|浏览(371)

我有Spring启动角应用程序
我的服务器端口是1234(示例)。
但是现在我已经安装了ssl
步骤:
使用keytool创建了自签名证书,并将我的p12证书文件添加到资源文件夹中
更新的application.properties
server.ssl.key store type=pkcs12
server.ssl.key store=classpath:myfile.p12
server.ssl.key store password=somepasswordfromenv
server.ssl.key alias=myalias
server.ssl.enabled=true
http.port=8080
server.port=8443
启动应用程序并进行测试

@SpringBootTest(classes = AppWithoutBeansApplication.class, webEnvironment = WebEnvironment.DEFINED_PORT)
class AppControllerTest {

    @Value("${server.ssl.key-store}")
    private Resource trustStore;

    @Value("${server.ssl.key-store-password}")
    private String trustStorePassword;

@Test
public void givenAcceptingAllCertificatesUsing4_4_whenUsingRestTemplate_thenCorrect() 
throws ClientProtocolException, IOException {

    String urlOverHttps = "https://localhost:8443/";
    CloseableHttpClient httpClient
      = HttpClients.custom()
        .setSSLHostnameVerifier(new NoopHostnameVerifier())
        .build();
    HttpComponentsClientHttpRequestFactory requestFactory 
      = new HttpComponentsClientHttpRequestFactory();
    requestFactory.setHttpClient(httpClient);

    ResponseEntity<String> response 
      = new RestTemplate(requestFactory).exchange(
      urlOverHttps, HttpMethod.GET, null, String.class);
    assertThat(response.getStatusCode().value(), equalTo(200));
}

...
错误:
org.springframework.web.client.resourceaccessexception:get请求时发生i/o错误“https://localhost:8443/“:的证书与任何主题替代名称不匹配:[];嵌套异常为javax.net.ssl.sslpeerunverifiedexception:的证书与org.springframework.web.client.resttemplate.doexecute(resttemplate.java:746)中的任何主题替代名称[]不匹配
不明白我的集成测试是如何工作的

rpppsulh

rpppsulh1#

所有答案看起来都很相似,但这一个有效
使用spring resttemplate时忽略ssl证书验证

@Bean
public RestTemplate restTemplate() throws GeneralSecurityException {

    TrustStrategy acceptingTrustStrategy = (cert, authType) -> true;
    SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
    SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);

    Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
            .register("https", sslsf).register("http", new PlainConnectionSocketFactory()).build();

    BasicHttpClientConnectionManager connectionManager = new BasicHttpClientConnectionManager(
            socketFactoryRegistry);
    CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(sslsf)
            .setConnectionManager(connectionManager).build();

    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);

    RestTemplate restTemplate = new RestTemplate(requestFactory);

    return restTemplate;
}

看来这部分改变了


* Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()

                .register("https", sslsf).register("http", new PlainConnectionSocketFactory()).build();*

不要用这个

//  @Bean
//    public RestTemplate nonsslrestTemplate() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
//         TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
//         SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
//         SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);
//         CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(csf).build();
//         HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
//         requestFactory.setHttpClient(httpClient);
//       return new RestTemplate(requestFactory);
//    }

相关问题