removed SSL bypass logic from RestTemplateConfig.java
This commit is contained in:
@@ -4,39 +4,16 @@ import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
import org.springframework.http.client.SimpleClientHttpRequestFactory;
|
||||
import javax.net.ssl.*;
|
||||
import java.security.SecureRandom;
|
||||
import java.security.cert.X509Certificate;
|
||||
// import org.springframework.http.client.SimpleClientHttpRequestFactory;
|
||||
// import javax.net.ssl.*;
|
||||
// import java.security.SecureRandom;
|
||||
// import java.security.cert.X509Certificate;
|
||||
|
||||
@Configuration
|
||||
public class RestTemplateConfig {
|
||||
|
||||
@Bean
|
||||
public RestTemplate restTemplate() {
|
||||
try {
|
||||
// Trust all certificates (TEMP ONLY)
|
||||
TrustManager[] trustAllCerts = new TrustManager[]{
|
||||
new X509TrustManager() {
|
||||
public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
|
||||
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
|
||||
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
|
||||
}
|
||||
};
|
||||
|
||||
SSLContext sslContext = SSLContext.getInstance("TLS");
|
||||
sslContext.init(null, trustAllCerts, new SecureRandom());
|
||||
|
||||
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
|
||||
HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true);
|
||||
|
||||
SimpleClientHttpRequestFactory factory =
|
||||
new SimpleClientHttpRequestFactory();
|
||||
|
||||
return new RestTemplate(factory);
|
||||
|
||||
} catch (Exception e) {
|
||||
throw new RuntimeException("Failed to create SSL ignoring RestTemplate", e);
|
||||
}
|
||||
return new RestTemplate();
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user