Reputation: 3377
Spring RestTemplate call to HTTPS *without* HttpClient
Trying to make REST calls with RestTemplate using the server cert as the client cert to make calls with.
Don't ask me why :-), but I don't want to use Apache's HttpClient. I just think it's overkill.
I've seen code that uses regular JDK's SSLContext to set things up system-wide, i.e., set up SSLContext and the call SSLContext.setDefault(sslContext) as in this code:
// ... keymanagers, trustmanagers are omitted here
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keymanagers, trustmanagers, new SecureRandom());
SSLContext.setDefault(sslContext);
However, I saw a GitHub comment here (https://github.com/spring-projects/spring-boot/issues/6493) that states that setting SSLContext as default like that isn't really a good idea.
So, my question is: outside of having to use HttpClient, is there a way to use the sslContext configured in the code snippet above in RestTemplate setup somehow?
Upvotes: 1
Views: 3639
Answers (1)
Reputation: 2273
You can override the default requestFactory in the restTemplate by doing
restTemplate.setRequestFactory(new MyCustomRequestFactory());
Have a look at org.springframework.http.client.SkipSslVerificationHttpRequestFactory here for an example of setting SSLContext in your request factory.
Upvotes: 2
Related Questions
- RestTemplate with HTTPS (Accept all Certificate)
- How to use RestTemplate with certificate authentication?
- Access Https Rest Service using Spring RestTemplate
- Use of RestTemplate together with SSL
- How to configure Spring RestTemplate with SSL (in Spring @MVC)
- Need to ignore certificate when using restTemplate
- Ignore SSL certificate validation when using Spring RestTemplate
- How to call HTTPS restful web services using Spring RestTemplate
- Spring RestTemplate SSL
- Access Https Rest Service using Spring RestTemplate (2 way SSL between client and server)