How do I add a client certificate to Spring WebClient?


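Problem description

I am building a Spring WebClient that internally calls REST APIs hosted on a different server. To do that, I need to send the public key (.cert) and private key (.key) with each handshake request.
I am not sure how to do that with the Spring WebClient.

I tried setting up the WebClient, but could not add the code for this.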

WebClient Builder

this.webClient = WebClient.builder()
 .baseUrl("https://some-rest-api.com")
 .defaultHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON.toString())
 .build();

Actual call

this.webClient.get()
 .uri("/getData")
 .exchange()
 .flatMap(clientResponse -> {
  System.out.println(clientResponse);
  return clientResponse.bodyToMono(MyClass.class);
 });

Since no certificate is added to the request, I get a handshake error in the logs:

javax.net.ssl.SSLException: Received fatal alert: handshake_failure

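How do I add these certificates to the WebClient request so that I do not get this error? I have the certificates, but I am not sure how to add them.

Recommended answer

It took me some time to find the missing part in Thomas's answer.

Here it is: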

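import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import java.io.FileInputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import org.springframework.util.ResourceUtils;

// Method of the SslUtil class. The clientSsl* settings and log are static
// fields of that class and are not shown here.
public static SslContext getTwoWaySslContext() {
    try (FileInputStream keyStoreFileInputStream = new FileInputStream(ResourceUtils.getFile(clientSslKeyStoreClassPath));
         FileInputStream trustStoreFileInputStream = new FileInputStream(ResourceUtils.getFile(clientSslTrustStoreClassPath))) {
        // Key store: the client certificate and private key presented to the server.
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(keyStoreFileInputStream, clientSslKeyStorePassword.toCharArray());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(keyStore, clientSslKeyStorePassword.toCharArray());

        // Trust store: the certificates used to verify the server.
        KeyStore trustStore = KeyStore.getInstance("jks");
        trustStore.load(trustStoreFileInputStream, clientSslTrustStorePassword.toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
        trustManagerFactory.init(trustStore);

        return SslContextBuilder.forClient()
                .keyManager(keyManagerFactory)
                .trustManager(trustManagerFactory)
                .build();

    } catch (Exception e) {
        log.error("An error has occurred: ", e);
    }
    // Reached only when the stores could not be loaded; the caller must handle null.
    return null;
}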


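import org.springframework.http.client.reactive.ClientHttpConnector;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.web.reactive.function.client.WebClient;
import reactor.netty.http.client.HttpClient;

// webClientBuilder (a WebClient.Builder) and baseUrl are defined by the caller.
HttpClient httpClient = HttpClient.create().secure(sslSpec -> sslSpec.sslContext(SslUtil.getTwoWaySslContext()));
ClientHttpConnector clientHttpConnector = new ReactorClientHttpConnector(httpClient);
WebClient webClient = webClientBuilder
        .clientConnector(clientHttpConnector)
        .baseUrl(baseUrl)
        .build();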

Enjoy!
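
The question starts from PEM files (.cert and .key), while the answer above loads JKS stores. The following is an added example, not code from the original post or from the Spring project: it builds the same mutual-TLS WebClient directly from PEM files with Netty's SslContextBuilder and fails fast instead of returning null. The class name, method name and file parameters are hypothetical.

```java
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import java.io.File;
import javax.net.ssl.SSLException;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.web.reactive.function.client.WebClient;
import reactor.netty.http.client.HttpClient;

// Hypothetical helper class for illustration.
public final class PemMutualTlsWebClient {

    private PemMutualTlsWebClient() {
    }

    /**
     * @param clientCertPem client certificate chain, PEM encoded
     * @param clientKeyPem  client private key, unencrypted PKCS#8 PEM
     * @param trustedCaPem  CA certificate(s) that issued the server certificate
     */
    public static WebClient create(String baseUrl, File clientCertPem,
                                   File clientKeyPem, File trustedCaPem) {
        final SslContext sslContext;
        try {
            sslContext = SslContextBuilder.forClient()
                    // Identity presented to the server during the handshake.
                    .keyManager(clientCertPem, clientKeyPem)
                    // Server verification stays on: only these CAs are trusted.
                    .trustManager(trustedCaPem)
                    .build();
        } catch (SSLException | IllegalArgumentException e) {
            // Netty reports unreadable or malformed PEM input here.
            // Fail at start-up rather than passing a null context on.
            throw new IllegalStateException("Cannot build mutual-TLS context", e);
        }

        HttpClient httpClient = HttpClient.create()
                .secure(sslSpec -> sslSpec.sslContext(sslContext));

        return WebClient.builder()
                .baseUrl(baseUrl)
                .clientConnector(new ReactorClientHttpConnector(httpClient))
                .build();
    }
}
```

Keep the private key file readable only by the service account, and build the context once at start-up so that a bad certificate path is reported before the first request.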
