restTemplate 忽略ssl 证书 请求

调用https 证书过期的接口出现 如下报错：

org.springframework.web.client.ResourceAccessException: I/O error on POST request for " XXXX”: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed

网上搜索了了一下几个方法都要导入额外的httpclient 包 不够优雅， 查看springbot 源码 发现 ClientHttpRequestFactory 存在内部实现类型 SkipSslVerificationHttpRequestFactory

自己新建一个SkipSslVerificationHttpRequestFactory类 将源码复制过来

 

import org.springframework.http.client.SimpleClientHttpRequestFactory;

import javax.net.ssl.*;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;

/**
 *
 * @author Justubborn
 * @since 2025/9/1
 */
public class SkipSslVerificationHttpRequestFactory extends SimpleClientHttpRequestFactory {
    @Override
    protected void prepareConnection(HttpURLConnection connection, String httpMethod) throws IOException {
        if (connection instanceof HttpsURLConnection httpsURLConnection) {
            prepareHttpsConnection(httpsURLConnection);
        }
        super.prepareConnection(connection, httpMethod);
    }

    private void prepareHttpsConnection(HttpsURLConnection connection) {
        connection.setHostnameVerifier(new SkipHostnameVerifier());
        try {
            connection.setSSLSocketFactory(createSslSocketFactory());
        }
        catch (Exception ex) {
            // Ignore
        }
    }

    private SSLSocketFactory createSslSocketFactory() throws Exception {
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, new TrustManager[] { new SkipX509TrustManager() }, new SecureRandom());
        return context.getSocketFactory();
    }

    private static final class SkipHostnameVerifier implements HostnameVerifier {

        @Override
        public boolean verify(String s, SSLSession sslSession) {
            return true;
        }

    }

    private static final class SkipX509TrustManager implements X509TrustManager {

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) {
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) {
        }

    }
}

 

在工具类中定义 RespTemplate

 

    private static final RestTemplate restTemplate = restTemplate(); 

    private static RestTemplate restTemplate() {
     
        SimpleClientHttpRequestFactory factory = new SkipSslVerificationHttpRequestFactory();
        factory.setConnectTimeout(Duration.ofSeconds(5));
        factory.setReadTimeout(Duration.ofSeconds(10));
        return new RestTemplate(factory);
    }

通过 RestClient 调用

 RestClient restClient = RestClient.builder(restTemplate).baseUrl(url).build();
 String result = restClient.post().contentType( new MediaType("application", "x-www-form-urlencoded", Charset.defaultCharset())).body(formBody).retrieve().body(String.class);

解决！