자기 스스로가 CA가 되어 인증서를 자기 서명을 하여 웹 서버에 배포하는 경우 Self Signed Certification을 허용할 수 있도록 RestTemplate
을 구성할 필요가 있습니다.
import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.conn.ssl.TrustSelfSignedStrategy; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.springframework.http.ResponseEntity; import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; import org.springframework.web.client.RestTemplate; import javax.net.ssl.SSLContext; import java.security.KeyManagementException; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; public class Tester { public static void main(String[] args) throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException { TrustSelfSignedStrategy strategy = new TrustSelfSignedStrategy(); // 중요!! SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom() .loadTrustMaterial(null, strategy) .build(); SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext); CloseableHttpClient httpClient = HttpClients.custom() .setSSLSocketFactory(csf) .build(); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(); requestFactory.setHttpClient(httpClient); RestTemplate restTemplate = new RestTemplate(requestFactory); ResponseEntity<String> forEntity = restTemplate.getForEntity(URL, String.class); } }
1 Comment
Edward AUTHOR
May 30, 2020Spring Boot에 SSL 적용하는 방법은 https://www.securesign.kr/guides/Spring-Boot-SSL-Certificate-Install에 있습니다.