자기 스스로가 CA가 되어 인증서를 자기 서명을 하여 웹 서버에 배포하는 경우 Self Signed Certification을 허용할 수 있도록 RestTemplate 을 구성할 필요가 있습니다.

import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.springframework.http.ResponseEntity;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;

import javax.net.ssl.SSLContext;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;

public class Tester {

    public static void main(String[] args) throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        TrustSelfSignedStrategy strategy = new TrustSelfSignedStrategy(); // 중요!!

        SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
                .loadTrustMaterial(null, strategy)
                .build();

        SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);

        CloseableHttpClient httpClient = HttpClients.custom()
                .setSSLSocketFactory(csf)
                .build();

        HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();

        requestFactory.setHttpClient(httpClient);

        RestTemplate restTemplate = new RestTemplate(requestFactory);

        ResponseEntity<String> forEntity = restTemplate.getForEntity(URL, String.class);
    }
}


1 Comment

  1. Edward AUTHOR

    Spring Boot에 SSL 적용하는 방법은 https://www.securesign.kr/guides/Spring-Boot-SSL-Certificate-Install에 있습니다.