gpt4 book ai didi

java - Spring 启动: FeignClient with SSL (p12)

转载 作者:搜寻专家 更新时间:2023-11-01 02:38:17 26 4
gpt4 key购买 nike

我正在尝试为一个使用 SSL 的外部 HTTP API 创建一个 FeignClient。困难在于——如何使用我的逻辑修改默认的 Spring FeignClient,在本例中为 SSL Connection Factory。所以基本上我想保留 Spring 自动为 FeignClients 做的所有好事,比如 Hystrix、Sleuth 跟踪等,并让它与我的 SSL 工厂一起工作。

将不胜感激任何建议。


这是我尝试做的:

我尝试在 ComponentScan 之外提供自定义的@Configuration:

@Configuration
public class CustomFeignConfiguration
{
@Bean
public Feign.Builder feignBuilder()
{
Client trustSSLSockets = new Client.Default(
TrustingSSLSocketFactory.get("server1"),
new NoopHostnameVerifier());

log.info("feignBuilder called");
return Feign.builder().client(trustSSLSockets);
}
...
}

通过注解让FeignClient使用

    @FeignClient(name = "sslClient", configuration = CustomFeignConfiguration.class, url = "https://...")

其中“TrustingSSLSocketFactory”的实现类似于this .

现在,如果我在 Spring 应用程序中注入(inject)我的客户端,我可以看到调用了“feignBuilder”并且它成功加载了我的 key 。问题在于创建的客户端实际上并未将指定的 SSLFactory 用于 createSocket 调用。所以我得到:

Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[na:1.8.0_72]
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) ~[na:1.8.0_72]
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023) ~[na:1.8.0_72]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125) ~[na:1.8.0_72]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[na:1.8.0_72]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) ~[na:1.8.0_72]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) ~[na:1.8.0_72]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) ~[na:1.8.0_72]
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[na:1.8.0_72]
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1513) ~[na:1.8.0_72]
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441) ~[na:1.8.0_72]
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480) ~[na:1.8.0_72]
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338) ~[na:1.8.0_72]
at feign.Client$Default.convertResponse(Client.java:152) ~[feign-core-9.3.1.jar:na]

最佳答案

创建 Client,因为它是自己的 @Bean 而不是构建器的一部分。 builder.client(client) 稍后被调用,覆盖您在创建构建器时设置的客户端。

所以

@Bean
public Client feignClient()
{
Client trustSSLSockets = new Client.Default(
TrustingSSLSocketFactory.get("server1"),
new NoopHostnameVerifier());

log.info("feignClient called");
return trustSSLSockets;
}

关于java - Spring 启动: FeignClient with SSL (p12),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/40853829/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com