feign接口调用对方接口的时候,可能对方的证书什么的有问题,ssl验证不通过,需要关闭ssl校验,记录一下。
import feign.Feign;import okhttp3.ConnectionPool;import org.springframework.boot.autoconfigure.AutoConfigureBefore;import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;import org.springframework.boot.context.properties.EnableConfigurationProperties;import org.springframework.cloud.openfeign.FeignAutoConfiguration;import org.springframework.context.annotation.Bean;import javax.net.ssl.*;import java.security.GeneralSecurityException;import java.security.KeyStore;import java.security.cert.CertificateException;import java.security.cert.X509Certificate;import java.util.concurrent.TimeUnit;@ConditionalOnProperty(value = "okhttp.client.max-idle-connections")@ConditionalOnClass(Feign.class)@AutoConfigureBefore(FeignAutoConfiguration.class)@EnableConfigurationProperties(OkHttpClientProperties.class)public class DefaultFeignOkHttpConfig {@Beanpublic okhttp3.OkHttpClient okHttpClient(OkHttpClientProperties okHttpClientProperties) {X509TrustManager x509TrustManager = systemDefaultTrustManager();SSLSocketFactory sslSocketFactory = systemDefaultSslSocketFactory(x509TrustManager);HostnameVerifier notVerify = (hostname, session) -> true;return new okhttp3.OkHttpClient.Builder().sslSocketFactory(sslSocketFactory, x509TrustManager).hostnameVerifier(notVerify)// 设置读超时.readTimeout(okHttpClientProperties.getReadTimeout(), TimeUnit.SECONDS)// 设置连接超时.connectTimeout(okHttpClientProperties.getConnectTimeout(), TimeUnit.SECONDS)// 设置写超时.writeTimeout(okHttpClientProperties.getWriteTimeout(), TimeUnit.SECONDS)// 是否自动重连.retryOnConnectionFailure(okHttpClientProperties.isRetryOnConnectionFailure())// 默认创建5个线程,保持5分钟长连接.connectionPool(new ConnectionPool(okHttpClientProperties.getMaxIdleConnections(),okHttpClientProperties.getKeepAliveDuration(), TimeUnit.MINUTES)).build();}private X509TrustManager systemDefaultTrustManager() {try {TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());trustManagerFactory.init((KeyStore) null);TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();trustManagers[0] = new X509TrustManager(){@Overridepublic void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {}@Overridepublic void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {}@Overridepublic X509Certificate[] getAcceptedIssuers() {return new X509Certificate[0];}};return (X509TrustManager) trustManagers[0];} catch (GeneralSecurityException e) {// The system has no TLS. Just give up.throw new AssertionError();}}private SSLSocketFactory systemDefaultSslSocketFactory(X509TrustManager trustManager) {try {SSLContext sslContext = SSLContext.getInstance("TLS");sslContext.init(null, new TrustManager[]{trustManager}, null);return sslContext.getSocketFactory();} catch (GeneralSecurityException e) {// The system has no TLS. Just give up.throw new AssertionError();}}/*** fegin远程调用时为请求添加jwt-token的header** @return*/@Beanpublic FeignRequestInterceptor feignRequestInterceptor() {return new FeignRequestInterceptor();}}
若有收获,就点个赞吧
0 人点赞
