我正在使用 Apache Camel 使用 SOAP 服务,并且出于开发目的,该服务托管在自签名证书上。
我尝试将证书导入 keystore 但失败了,因为证书没有有效的 CN。
我正在尝试忽略证书错误或信任所有证书。我如何使用 producerTemplate 做到这一点。
Exchange exchangeRequest = producerTemplate.request(endpoint,
new Processor() {
public void process(Exchange exchange) throws Exception {
exchange.getIn().setBody(payload);
if (headermap != null && headermap.size() > 0) {
exchange.getIn().setHeaders(headermap);
}
if (soapHeader != null && !soapHeader.equals("")) {
exchange.getIn()
.setHeader(
SpringWebserviceConstants.SPRING_WS_SOAP_HEADER,
soapHeader);
}
}
});
最佳答案
尝试使用 Samy answer对于消费者,但它不起作用。这是 trustAllCerts 的客户端变体(函数样式,因为我使用的是 Talend Open Studio):
java.util.function.Consumer<org.apache.cxf.service.factory.AbstractServiceFactoryBean> trustAllCerts = sfb -> {
TrustManager[] trustAllCerts_ = new TrustManager[] {
new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() { return null;}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException {}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException {}
}
};
org.apache.cxf.Bus theBus = org.apache.cxf.bus.CXFBusFactory.getThreadDefaultBus();
((FactoryBeanListenerManager)theBus.getExtension(FactoryBeanListenerManager.class))
.addListener((evnt, sfb_, args) -> {
if (evnt != org.apache.cxf.service.factory.FactoryBeanListener.Event.CLIENT_CREATED) return;
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setTrustManagers(trustAllCerts_);
tlsParams.setDisableCNCheck(true);
WebClient.getConfig((WebClient)args[0]).getHttpConduit().setTlsClientParameters(tlsParams);
});
sfb.setBus(theBus);
};
关于java - Apache Camel ProducerTemplate 忽略 SSL 证书检查,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/39092134/