CertificateException：使用 OAuth2RestTemplate NOT RestTemplate 找不到与本地主机匹配的名称答案

【问题标题】：CertificateException: No name matching localhost found using OAuth2RestTemplate NOT RestTemplateCertificateException：使用 OAuth2RestTemplate NOT RestTemplate 找不到与本地主机匹配的名称
【发布时间】：2018-04-15 01:26:03
【问题描述】：

我正在尝试使用 OAuth2RestTemplate 访问自签名证书以通过 HTTPS 检索令牌，但我仍然收到此错误：

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException：没有名称匹配本地主机找到了

这是我抛出错误的单元测试：

    public class OAuth2ClientTest {

    private static final Logger logger = LoggerFactory
            .getLogger(SecurityConfig.class);

    @Value("${oauth.resource:https://localhost:8443}")
    private String baseUrl;

    @Value("${oauth.token:https://localhost:8443/oauth/token}")
    private String tokenUrl;

    @Value("${oauth.resource.id:microservice-test}")
    private String resourceId;

    @Value("${oauth.resource.client.id:client1}")
    private String resourceClientId;

    @Value("${oauth.resource.client.secret:changit}")
    private String resourceClientSecret;



    @Test
    public void execute_post_to_tokenUrl()
            throws ClientProtocolException, IOException {

        OAuth2RestTemplate template = template();

        ResponseEntity<String> response = template.exchange(
                tokenUrl,
                HttpMethod.POST,
                null,
                String.class);

        assertThat(response.getStatusCode().value(), equalTo(200));
    }

    private OAuth2RestTemplate template(){
        ResourceOwnerPasswordResourceDetails resource = new ResourceOwnerPasswordResourceDetails();
        resource.setAccessTokenUri(tokenUrl);
        resource.setId(resourceId);
        resource.setClientId(resourceClientId);
        resource.setClientSecret(resourceClientSecret);

        resource.setGrantType("password");

        resource.setScope(Arrays.asList("openid"));

        resource.setUsername("user1@example.com");
        resource.setPassword("user1");

        OAuth2RestTemplate template = new OAuth2RestTemplate(resource);

        ClientHttpRequestFactory factory = template.getRequestFactory();

        template.setRequestFactory(requestFactory());
        return template;
    }

    private HttpComponentsClientHttpRequestFactory requestFactory(){

        CloseableHttpClient httpClient
                = HttpClients.custom()
                .setSSLHostnameVerifier(new NoopHostnameVerifier())
                .build();
        HttpComponentsClientHttpRequestFactory requestFactory
                = new HttpComponentsClientHttpRequestFactory();
        requestFactory.setHttpClient(httpClient);

        return requestFactory;
    }
}

当我使用非 HTTPS 连接时，OAuth2 代码可以正常工作。只是不使用 HTTPS

【问题讨论】：

标签： ssl spring-boot oauth resttemplate oauth2resttemplate

【解决方案1】：

如果您希望 TLS 正常工作，您必须创建一个别名为“localhost”的证书。
其他可能性是将其设置为静态或在您的测试配置中：

final HostnameVerifier defaultHostnameVerifier = javax.net.ssl.HttpsURLConnection.getDefaultHostnameVerifier ();
final HostnameVerifier localhostAcceptedHostnameVerifier = new javax.net.ssl.HostnameVerifier () {

   public boolean verify ( String hostname, javax.net.ssl.SSLSession sslSession ) {
        if ( hostname.equals ( "localhost" ) ) {
            return true;
        }
         return defaultHostnameVerifier.verify ( hostname, sslSession );
    }
};
javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier ( localhostAcceptedHostnameVerifier );

...

【讨论】：