removed SSL bypass logic from RestTemplateConfig.java
This commit is contained in:
@@ -4,39 +4,16 @@ import org.springframework.context.annotation.Bean;
|
|||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.web.client.RestTemplate;
|
import org.springframework.web.client.RestTemplate;
|
||||||
|
|
||||||
import org.springframework.http.client.SimpleClientHttpRequestFactory;
|
// import org.springframework.http.client.SimpleClientHttpRequestFactory;
|
||||||
import javax.net.ssl.*;
|
// import javax.net.ssl.*;
|
||||||
import java.security.SecureRandom;
|
// import java.security.SecureRandom;
|
||||||
import java.security.cert.X509Certificate;
|
// import java.security.cert.X509Certificate;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
public class RestTemplateConfig {
|
public class RestTemplateConfig {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public RestTemplate restTemplate() {
|
public RestTemplate restTemplate() {
|
||||||
try {
|
return new RestTemplate();
|
||||||
// Trust all certificates (TEMP ONLY)
|
|
||||||
TrustManager[] trustAllCerts = new TrustManager[]{
|
|
||||||
new X509TrustManager() {
|
|
||||||
public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
|
|
||||||
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
|
|
||||||
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
SSLContext sslContext = SSLContext.getInstance("TLS");
|
|
||||||
sslContext.init(null, trustAllCerts, new SecureRandom());
|
|
||||||
|
|
||||||
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
|
|
||||||
HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true);
|
|
||||||
|
|
||||||
SimpleClientHttpRequestFactory factory =
|
|
||||||
new SimpleClientHttpRequestFactory();
|
|
||||||
|
|
||||||
return new RestTemplate(factory);
|
|
||||||
|
|
||||||
} catch (Exception e) {
|
|
||||||
throw new RuntimeException("Failed to create SSL ignoring RestTemplate", e);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Reference in New Issue
Block a user