使用 spring Web 客户端命中 https Z65E8800B5C6800AAD896F888B2A 服务

Question

I have got two .cer file from client now my goal is to hit client api using https rather than http using spring webclient. As I am new to spring webclient not getting clue what to do

I have imported both.cer in keystore using below command

keytool -import -file "C:\Users\ankur\Download\Entrust_Root_Certification_Authority-G2.cer" -keystore "C:\Program Files\Java\jre1.8.0_40\lib\security\cacerts" -storepass "changeit"

keytool -import -file "C:\Users\ankur\Download\certificate\Entrust_Certification_Authority-L1K.cer" -keystore "C:\Program Files\Java\jre1.8.0_40\lib\security\cacerts" -storepass "changeit

I have written below to code in order to hit the api programatically from webclient

@Bean

       public WebClient createWebClient() throws SSLException {

             SslContext sslContext = SslContextBuilder

                           .forClient()

                           .trustManager(InsecureTrustManagerFactory.INSTANCE)

                           .build();          

             HttpClient httpClient = HttpClient

                           .create()

                           .secure(sslContextSpec -> sslContextSpec.sslContext(sslContext));

                    ClientHttpConnector connector = new ReactorClientHttpConnector(httpClient);

             return WebClient.builder()

                           .clientConnector(connector).build();

       }



application.yml
    rest:
      endpoint:https://someexample.com/xyz

I have no idea what to do with.cer file where to store these.cer file do we need to include in resource folder of spring boot any example or link would be helpful thanks

Answer 1

below is the one of the approach with that you can configure ssl certs to webclient

Copy your required certs to your resources folder
let's take an example as config/Entrust_Root_Certification_Authority-G2.cer

Create a property to configure the location of your certs as below in one of your configuration class

  @Value("${entrust.ssl.cert.path:config/Entrust_Root_Certification_Authority-G2.cer}")
  private String entrustSslCertFilePath;

Load these certs while creating SslContext

SslContext sslContext = SslContextBuilder.forClient()
            .trustManager(new ClassPathResource(entrustSslCertFilePath).getInputStream())
            .build();

Note: Above metioned i have used with pem file which worked properly, give a try and if required feel free to convert cer to pem file and sslshopper will be very helpful for validating and converting ssl certs

Thanks